P.O. Box 85518 
Lincoln, NE 68501-5518 

CHANGE SERVICE REQUESTED 

December 7, 2007 
Volume 29 Number 49 
www.processor.com 




Products, News & Information Data Centers Can Trust. Since 1979 



Vista Voyage 



Embarking On A Vista Upgrade 
Requires Patience, Planning, Testing 



by Christian Perry 

Not only are wide-scale data center 
changes not accommodating for the faint of 
heart, but they're not exactly friendly even 
to managers of steel resolve. 
As such, in the year since 
Microsoft's Windows Vista 
(www.microsoft.com) hit 
the market, uptake into en- 
terprises has been merely a 
gradual process. 

However, as more time 
passes, small and midsized 
enterprises are increasingly 
under the gun to get onboard 
with the new Windows op- 
erating system. Although 
many users might hesitate to 
leave the familiar grounds 
of Windows XP, Vista of- 
fers increased security, man- 
agement, and other features 
that can benefit organiza- 
tions. Those benefits will 
eventually push most enter- 
prises into adoption, which 
in turn will spark the need 
for a solid upgrade plan. 

Benefits Abound 

According to Josh Kaplan, 
marketing director at RES- 



CUECOM (rescuecom.com), Vista features 
that would appeal to the SME market fall 
into three areas: security, management, and 
user interface. "On the security side, there is 
a host of new security initiatives, some of 




Windows Vista 



which are built-in anti-malware tools, digi- 
tal content protection, and network access 
protection," Kaplan says. 

Whereas previous Windows operating 
systems gave most users access to sensi- 
tive administrative functions, in turn mak- 
ing those environments susceptible to mal- 
ware, Vista employs the new User Account 
Control, or UAC, feature, which monitors 
potential administrative 
changes. 

"When a user attempts a 
task that would require 
administrative access, like 
installing software, they are 
prompted to give consent — 
or, depending on how they 
have configured UAC, even 
to enter administrative cre- 
dentials to perform the 
task," says Laural Gentry, 
product manager with CA 
(ca.com). "Then, access is 
elevated to complete only 
the task for which it was 
given consent." 

Also new is BitLocker 
Drive Encryption, which 
Gentry explains will safe- 
guard data even if a user's 
system is lost, stolen, inad- 
equately decommissioned, 
or accessed by an unau- 
thorized user. The entire 
Windows volume is en- 
crypted by Vista, and that 
Go to Page 10 



VoIP Security Risk Alert 



Locking Down SIP For Voice Traffic 
May Be More Important Than You Think 



by Bruce Gain 

Edwin Andres Pena seemed to exemplify 
the American dream. The young born-in- 
Venezuela businessman was able to amass 
such wealth as a 40-foot boat, south-Florida 
real estate, and BMW and Cadillac Escalade 
luxury cars through his Internet-based phone 
services company in a very short period of 
time. But his arrest last year revealed a dark 
side to Pena's seemingly successful venture: 
More than 10 million phone-service minutes 



his firm sold for more than 500,000 phone 
calls belonged to unsuspecting VoIP service 
providers whom Pena had defrauded. 

The incident made headlines, while it also 
served as a wake-up call for the IT commu- 
nity about VoIP vulnerabilities, because 
Pena had committed his crimes by penetrat- 
ing networks. With the help of a co-conspir- 
ator, Pena managed to hack networks and 
reroute calls without detection through 
unprotected SIP (Session Initiation Protocol) 
ports. According to records the Federal 



SIP's vulnerabilities can give black hats the 
opportunity to take control of machines, 
access networks, or destabilize systems. 



Bureau of Investigation obtained from 
AT&T, the black hat hacker Pena employed 
initiated more than 6 million port scans. 

The incident, however, has not stopped 
VoIP's popularity from exploding. Ac- 
cording to Yankee Group, the business 
VoIP services market will be worth $3.3 
billion by 2010. 

"Voice is going through the roof," says 
Paul A. Henry, vice president of technol- 
ogy evangelism for Secure Computing 
(www.securecomputing.com). "In fact, last 
year the number of new telephone deploy- 
ments using VoIP exceeded those using 
PBX deployment with analog phone lines." 

Unfortunately, Henry says, VoIP net- 
works are often not locked down like they 
should be. "We are at the tip of the iceberg. 
They are selling these voice packages, yet I 
am not hearing anyone talk about voice 
security," Henry notes. "It is somewhat 
appalling for a security expert to hear [ven- 
dors] talk about all of the features, the 
Go to Page 10 
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Four Big Projects For 2008 

We provide the tips, advice, and other infor- 
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in virtualized computing and storage. ■ Global 
DataGuard launched the Enterprise Unified 
Threat Manager ++ for comprehensive security 
applications that can be managed from a single 
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Pinpoint Performance Issues 

TeamQuest IT Service Reporter Lets You Report On Disparate Components 



If your enterprise is like most, 
you face network problems that can 
oftentimes prove difficult to detect, 
investigate, and diagnose. Programs 
such as TeamQuest IT Service 
Reporter can help. 

TeamQuest IT Service Reporter is 
a rich Web application used to cre- 
ate, customize, and distribute reports 
via the Web or in PDF or Excel for- 
mats. Use Service Reporter to: cre- 
ate dashboard-style reports cus- 
tomized for your intended audience, 
customize reports with your logo 
and explanatory text using a drag- 
and-drop interface, and provide a 
performance management report 
revealing the status of IT services 

Using XML and Java, TeamQuest 
IT Service Reporter offers a highly interac- 
tive, Web-based user interface for defining 
reports. Use it to show which IT resources 
are at risk for performance issues and report 
IT service performance as it relates to busi- 
ness, seamlessly accessing data without 
regard to where the data is actually stored. 

Automated Reporting 

IT Service Reporter is the perfect choice 
for automated reporting and simplified dis- 
tribution. The program automatically cre- 
ates periodic customized performance 
reports and makes those reports available 
to IT or business unit management. 

Reporting features let you create dash- 
board-style reports to communicate status at 
a glance and service level achievement at a 
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IT Service Reporter is interopera- 
ble with your own or third-party 
applications. You can export and 
import IT Resource definitions from 
CMDBs or third-party discovery 
tools using XML; generate reports 
using reporting tools such as Crystal 
Reports in conjunction with an 
optional Oracle enterprise database; 
export reports in Adobe PDF or 
Excel formats; and generate alarm 
events and send them to third-party 
consoles via SNMP traps. 



With IT Service Reporter, you can easily define detailed reports pertinent 
to different audiences, annotate reports, and even include your company 
logo for more a more polished, professional look. 



glance, revealing opportunities for improved 
efficiency to management. You can show 
which systems are at risk for performance 
issues. Use workload analysis features to 
analyze and report how much of each server 
resource is being consumed by each IT ser- 
vice, business process, department, or appli- 
cation. Or use IT Resources to analyze and 
report the performance of IT services, com- 
bining performance data from multiple 
servers, applications, or other components. 

Reports can be accessed over the net- 
work or from a browser, so you can access 
data anywhere. A simple drag-and-drop 
interface lets you define reports. And you 
can limit access to reports that include 
only the performance information appro- 
priate for a particular user. 



Multiple Users, Uses 

IT executives, managers, and 
clients rely on Service Reporter to: 

Demonstrate IT value. With 
Service Reporter, you can use cus- 
tomized management reports to show ser- 
vice delivery efficiency; report IT service 
performance relative to agreed-upon service 
levels; and improve communication by 
including informative text on reports. 

Communicate IT service performance 
as it relates to business. Perform your 
analysis and reporting at a level that makes 
sense to IT management and business units 
and show performance by department, by 
user, by application, by server tier, or other 
business-relevant criteria. 

Show where excess or insufficient 
capacity exists or will exist in the future. 
A capacity dashboard reveals IT service sta- 
tus, so you can spot performance trends and 
concentrate IT optimization efforts on IT 
resources that affect important IT services. 



Product features: 

Create, customize, and distribute reports 
Report IT service performance and ser- 
vice level achievement 
Include graphics and annotate reports 
for your audience 

Report how much of each server resource 
is being consumed by each IT service, 
process, department, or application 
Automatically distribute reports via the 
Web or use PDF or Excel formats 
Demonstrate IT value and efficiency 
Show service delivery efficiency with 
customized management reports 
Report IT service performance relative 
to agreed-upon service levels 
Identify excess or insufficient capacity 
Provide a capacity dashboard revealing 
IT service status 

Concentrate IT optimization efforts on 
IT Resources that affect the most critical 
IT services 

Understand which of thousands of sys- 
tems in your IT operation are at risk for 
performance issues 
Integrate with third-party tools 
Access performance data using your 
own or third-party reporting tools such 
as Crystal Reports 

Generate alarm events and send them to 
third-party consoles via SNMP traps. 



TeamQuest IT Service Reporter 



A Web application used to create, customize, 
and distribute reports via the Web or in PDF or 
Excel formats 



(800) 551-8326 
www.teamquest.com 
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Improved Application Availability 

A10 Networks' AX Series Next-Generation Server Load Balancer 
Provides Industry's Best Price/Performance 




Two AX Series switches from A 10 Net- 
works are designed to provide reliable, cost- 
effective application-delivery platforms. 

AlO's AX Series is the industry's best 
price/performance advanced traffic manag- 
er, helping enterprises maximize applica- 
tion availability through a scalable, high- 
performance application delivery platform. 



The AX's ACOS (Advanced Core Op- 
erating System) architecture is revolution- 
ary by market standards because of its 
native multisystems support, which 
includes an optimized multi-CPU architec- 
ture built from the ground up designed for 
performance, scalability, and reliability. 

The AX's ACOS architecture scales per- 
formance across multiple decoupled CPUs 
and specialized programmable ASICs lin- 
early to ensure maximum scalable perfor- 
mance, including when all of the features 
are turned on. The AX Series' aRule 



Advanced Scripting technology provides 
ultimate policy creation flexibility to deliver 
rich traffic inspection and switching capa- 
bilities, helping organizations adapt to ever- 
changing conditions and application types. 

The end result is a switch with uncompro- 
mised performance even when all features 
are turned on, which helps organizations 
reduce data center power, server, and rack 
space requirements. Plus, all features are 
included in the standard list price. 

The two newest AX Series appliances, 
2000 and 2100, are 2U appliances designed 
for enterprise data centers and server farms. 
The AX 2000 has two CPUs, 2GB of mem- 
ory, eight Gigabit over copper ports, two G 
small-form factor pluggable fiber ports, 
and an 80GB hard drive. The AX 2100 has 
those same components, plus an additional 
two CPUs and two G small-form factor 



pluggable fiber ports; the 2100 also has 
dual 80GB RAID 1 hard drives. 

All AX models feature carrier-grade hard- 
ware, the industry's best SSL and Layer 4-7 
price/performance, support for IPv4 and 
IPv6, and an industry- standard command- 
line interface and easy-to-use GUI. 



A1 Networks AX Series 



The AX Series is the industry's best price/ 
performance next-generation server load balancer 

(888) 210-6363 

www.al Onetworks.com/processor 
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Keep Your Data Center 
Cool & Dry 



Rely On AVTECH's Room Alert 1 1 E Environmental Monitor 



Environment conditions in today's data 
centers are a major concern. Power outages, 
air conditioning failures, or blocked ventila- 
tion can cause temperatures to rise above 85 
degrees in minutes, potentially damaging 
equipment and putting data at risk. 

AVTECH Software's Room Alert HE is 
a powerful, inexpensive, easy-to-use way to 
combat potential environmental problems. 

Room Alert HE monitors rooms of near- 
ly any size. And since Room Alert HE is 




connected via Ethernet and does not require 
a host PC for operation, it can monitor vir- 
tually anywhere. 

Room Alert 1 IE allows alert notifications 
via email, email-to-SMS, SNMP, and more 
to virtually any device. Room Alert HE 
also offers an easy-to-use Web browser 
interface for changing settings and viewing 



real-time temperature, humidity, and envi- 
ronment sensor status from anywhere. 
The Room Alert HE includes: 

• Room Alert 1 IE standard or rack model 

• One external digital temperature/humidity 
sensor, one external digital temperature 
sensor, and one external power sensor 

• Eight sets of switch sensor contacts for 
connecting additional external sensors 

• PageR 10 Object Enterprise software 

• Power adapter, 10 feet of Ethernet cable, 
printed and PDF documentation, CD 
media, and Getting Started materials 

• 12 months of toll-free technical support, 
software updates, maintenance, and 
AVTECH's hardware guarantee 

Additional options include: 

• External digital sensors for 
temperature/humidity or temperature 



External switch sensors for temperature, 
humidity, power, flood, smoke, air flow, 
room entry, and more 
1U 19-inch rackmount package 
PageR software license upgrades 
International plug adapter 



AVTECH Room Alert 11E 



Starts at $495 

Powerful yet inexpensive device to monitor 
environmental conditions in data centers of any size 

(888) 220-6700 

www.RoomAlert.com 
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I Discs Lost In UK Contain Data 
On 25 Million 



Two discs containing names, ad- 
dresses, birth dates, National Insurance 
numbers, and, in some cases, bank account 
information on 25 million people have 
gone missing in the UK. The discs hold 
personal records on child benefits claim- 
ants, which include all families in the coun- 
try who have a child under 16. Password- 
protected but not encrypted, the discs are 
believed to have been lost in transit as the 
UK' s HM Revenue & Customs agency sent 
them via internal mail to the National Audit 
Office on Oct. 18. Although Chancellor 
Alistair Darling said no evidence suggests 
that criminals have possession of the discs, 
he did urge those affected to monitor their 
bank accounts. 

I UK Mistake Was Attempt To Save 
Money, Could Cost Banks $500 Million 

Regarding the discs lost by the UK's 
HM Revenue and Customs, emails sur- 
rounding the case have since been released, 
revealing that the decision was made to 
send the unencrypted disks without first 
removing sensitive information in an effort 
to save the agency money. According to 
estimates from Gartner, the data breach 
could cost UK banks $500 million in costs 
associated with closing and reopening bank 
accounts, as well as reissuing debit cards to 
those affected. 

I Server Shipments Up 

Overall server shipments in the United 
States during the third quarter were up 
about 5% compared to a year ago, accord- 
ing to the latest report from Gartner. Dell 
remained the leader in terms of units 
shipped; it shipped more than 240,000 
servers during the quarter, up 1% from a 
year ago. HP came in second, with ship- 
ments up 13.3% compared to a year ago; 
IBM claimed third, despite shipments drop- 
ping about 11%. In terms of server revenue, 
IBM came in first with $1.5 billion, fol- 
lowed by HP, Dell, and Sun. 

I VA Experiences Another Data Breach 

Although details of the potential data 
breach have not been released, Rep. Steve 
Buyer (R-Ind.) has revealed that three com- 
puters — one laptop and two desktops — 
were stolen from a U.S. Department of 



Veterans Affairs medical center in In- 
dianapolis. The computers involved in the 
theft, which occurred on Veterans Day, 
contained personal information, including 
Social Security numbers, of as many as 
12,000 medical patients. In a statement, 
Buyer said that he would "find out why VA 
policies were not followed and take what- 
ever steps are needed" to ensure that data at 
the VA is better protected. 

I Symantec Layoffs Include 
Two Top Execs 

Security giant Symantec has been laying 
off employees in an effort to reduce costs; in 
March, it laid off 5% of its worldwide work- 
force and saved around $200 million in the 
process. Last month, it announced another 
round of layoffs, which will affect a little less 
than 3% of the company's global workforce 
but will not impact all of Symantec's busi- 
ness sectors. Two top executives at the com- 
pany will be among the employees laid off: 
Vice President of Global SMB, Industry, and 
Partner Marketing Erna Arnesen and Vice 
President of Americas Marketing Marlene 
Williamson. Symantec didn't comment on 
the status of specific employees. 

I Senators Urge Scrutiny 
Of Google/DoubleClick Deal 

Two U.S. senators — Wisconsin's Herb 
Kohl and Utah's Orrin Hatch — issued a 
statement asking the Federal Trade Com- 
mission to seriously investigate the poten- 
tial outcomes from Google's planned pur- 
chase of DoubleClick. The two senators, 
who are members of the Senate's antitrust 
committee, said, "We believe that this deal 
raises fundamental consumer privacy con- 
cerns worthy of serious scrutiny." They 
note that Google has a dominant position 
in Internet contextual advertising, and 
DoubleClick has a leading position in 
Internet display advertising. Google an- 
nounced its intent to purchase Double- 
Click for $3.1 billion in April. The Euro- 
pean Commission has already said it plans 
to investigate the deal. 

I HP Posts Q4 Profit 

HP recently reported its financials, 
which show a quarterly profit for the com- 
pany, led in large part by an improvement 
in its software business. For the fourth 
quarter, which ended Oct. 31, HP reported 
net earnings of $2.3 billion, or 86 cents a 
share, compared to $1.9 billion in net 
income during the same quarter a year ago. 
Q4 earnings beat Thomson Financial ana- 
lysts' estimates of a net income of $2,184 
billion and earnings of 82 cents a share. 
Fourth-quarter revenue for the company 
was $28.3 billion, up 15% over last year. 
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Company 


Symbol 


Year Ago 


Nov 19$ 


Nov 28 $ 


% change from 
previous week 


BEA Systems 


BEAS 


$14.01 


$15.68 


$16.06 


▲ 2.42% 


Computer Associates 


CA 


$21.94 


$25.50 


$24.92 


T 2.27% 


Cisco Systems 


CSCO 


$27.25 


$29.43 


$28.05 


T 4.69% 


Dell 


DELL 


$26.84 


$26.62 


$27.69 


▲ 4.02% 


Electronic Data Systems 


EDS 


$27.07 


$20.25 


$20.37 


▲ 0.59% 


Google 


GOOG 


$484.85 


$625.85 


$692.26 


▲ 10.61% 


HP 


HPQ 


$39.86 


$49.44 


$50.73 


▲ 2.61% 


IBM 


IBM 


$93.51 


$102.22 


$107.37 


▲ 5.04% 


Intel 


INTC 


$21.22 


$25.17 


$26.19 


▲ 4.05% 


McAfee 


MFE 


$29.51 


$35.70 


$39.32 


▲ 10.14% 


Microsoft 


MSFT 


$29.33 


$33.96 


$33.70 


T 0.77% 


Oracle 


ORCL 


$19.28 


$20.53 


$20.51 


▼ 0.1% 


Red Hat Software 


RHT 


$17.13 


$18.91 


$19.56 


▲ 3.44% 


Sun Microsystems 


JAVA 


$5.65 


$19.63 


$20.86 


▲ 6.27% 


Symantec 


SYMC 


$21.15 


$17.41 


$18.22 


▲ 4.65% 
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I Webroot To Acquire Email Systems 

Webroot, a vendor that sells antispyware 
program Spy Sweeper and other security 
software, has announced it will purchase 
Email Systems, a UK-based company that 
provides email and Web protection and data 
archiving management services. Email 
Systems' customers include more than 
1,500 companies, and its services are cur- 
rently protecting 2.5 million email mail- 
boxes worldwide. With the acquisition, 
Webroot will get a new software-as-a- 
service product line to complement its secu- 
rity products; it plans to market Email 
Systems' Internet-based services as Web- 
root Email Security SaaS. Webroot also said 
its technical support services will support all 
of Email Systems' existing customers. 

I Holiday Season May See 
50% Spam Increase 

The 2007 holiday retail rush may 
bring with it 50% more spam than the cur- 
rent level, according to researchers at MX 
Logic. If the company is right about the 
spam spike, the spike will mean spam lev- 
els are 200% higher than they were in 
January. MX Logic also says the Storm 
Worm may make a comeback as cyber 
criminals use botnets in their spamming. 
MX Logic says the holiday spam spikes at 
the end of the year often foretell the spam 
levels for the next year, as the company 
usually sees spam levels drop briefly and 
then plateau at a higher level. 

I Lenovo Building Factory In Poland 

Lenovo announced its plans to build a 
new factory in Poland as part of its efforts 
to bring its manufacturing operations closer 
to its expanding customer bases. The $20 
million, 3 0,000- square-meter factory will 
be built in Poland's Legnica Special 
Economic Zone and support customers in 
Europe, the Middle East, and Africa. 
Lenovo expects to have the factory up and 
running late next year; it will employ about 
1,000 workers and be initially capable of 
producing about 2 million PCs a year. This 
year, Lenovo also has announced plans for 
new manufacturing plants in China, India, 
and Mexico, along with a fulfillment center 
in North Carolina. 

I IBM Supercomputer Sets Record 

IBM's Blue Gene/L supercomputer deliv- 
ered a sustained performance of 478 ter- 
aflops, or trillion calculations per second. 
The computer, located at Lawrence Liver- 
more National Laboratory, topped the 
TOP500 Supercomputer Sites list for the 
fourth year in a row. IBM, which had a 
total of 232 supercomputers on the list, also 
took second place with its Blue Gene/P 
computer. The Blue Gene/P system is lo- 
cated in Germany and was clocked at 167 
teraflops. This was the first year computers 
on the TOP500 list were also ranked 
according to energy efficiency on the 
Green500 list; IBM systems placed in 26 of 
the top 27 spots. 

I Internet Running Out Of Capacity 

According to a recent study by Ne- 
mertes Research, by 2010 the Internet could 
be overloaded by continually increasing con- 
sumer and corporate use, leading to 
brownouts. In order to avoid reaching this 
capacity, backbone providers need to invest 
up to $137 billion in new capacity, which is 
more than double what service providers cur- 
rently plan to invest, the study noted. The 
study also reported that it's the first to "apply 
Moore's Law (or something very like it) to 
the pace of application innovation on the 
'Net." The study was funded by a group 
including Fortune 2,000 enterprises, vendors, 
service providers, and nonprofit groups. 
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| SIX QUICK TIPS I 



Making Load Balancing 
More Accessible & Affordable 



by Drew Robb 
• • • 

Load balancing is all about balancing 
workloads between multiple servers and 
devices. In essence, it distributes process- 
ing and communications traffic evenly to 
prevent one device from becoming a bot- 
tleneck that slows down the network. 
Companies, for example, commonly use 
load balancing gear along with several 
Web servers to prevent Web site over- 
load. 

Here are some tips to make load balanc- 
ing more accessible and affordable. 

Examine Traffic Flows 

Before deploying load balancers, it is 
important to examine what existing traffic 
flows look like. Is there only a need to per- 
form outbound load balancing, or are both 
outbound and inbound load balancing 
called for? 

"Inbound load balancing is mostly useful 
for companies that have presence on the 
Internet and have servers (Web, other appli- 
cation servers, extranets, VPNs, mail, 
FTP, etc.) hosted at their premises," says 
Manuel Alvarez, general manager of Alvaco 



Smart Tip: 



O As load balancers tend to rapidly become 
key components of a network infrastructure, 
it is essential to have easy access to qualified 
engineers/technicians to receive the appropriate 
help. 

"Some of the programming aspects in a load 
balancer may be very similar to those of a 
broadband router or a firewall," says Manuel 



Best Return 
On Investment: 



O Load balancing doesn't so much generate 
income as prevent income losses. The easiest 
way to determine payback for a load balancer, 
therefore, is by comparing potential loss of 
sales/productivity should the IT infrastructure 
become unavailable vs. the cost of the invest- 
ment. 

One way to estimate this is by calculating the 
revenue per hour produced by the company 
divided by 2,000 (250 working days at eight 
hours per day). Then estimate the number of 



Networks (www.alvaco.com). "Inbound load 
balancing is a robust, cost-effective means to 
increase the availability of those services." 

Inbound load balancing can be done in 
several different ways, including the use of 
DNS (Domain Name Server) technology, 
multilayer switching, and various other 



schemes. When it is based upon DNS, the 
load balancer must become the SOA (Start of 
Authority) or authoritative DNS server for 
the domain. From this point on, when some- 
one in the open Internet performs a query to 
find the IP of a host related to the domain, 
that query comes to the load balancer. After 
calculating the best line to receive incoming 
traffic, it offers the corresponding IP. 

Keeping Costs Down 

Load balancing can get expensive. 
Therefore, it is imperative for IT managers 



Alvarez, general manager of Alvaco (www.alva 
co.com). "However, other aspects will require 
expert advice." 

For instance, load balancers may have to be set 
up to deal with certain traffic and ignore others. 
VoIP should probably stay away from load bal- 
ancing to ensure voice quality. Similarly, VPN 
traffic may have to be isolated. 



hours annually that the Internet is either down 
or degraded. 

That gives an idea of how much it costs annu- 
ally in downtime, and the figure can be com- 
pared against the investment required for a 
load balancer along with additional lines. 

"Most of the time, if the company is really 
dependent on the Internet to deal with clients, 
load balancers will have a very quick ROI," says 
Alvarez. 



to match load balancers to application 
requirements. 

"The best way to integrate a load bal- 
ancer into the network is to take an appli- 
cation-specific approach," says Sean 
Heiney, product manager at Barracuda 
Networks (888/268-4772; www.barracuda 
networks.com). 

The good news is that prices have come 
down, and a wide range of affordable prod- 
ucts is now available. But there are still 
points to watch for. Can the load balancer 
be installed within minutes, or does it 



require expensive onsite installation ser- 
vices? Are there per-port or per- server fees 
that can hamper application deployment? 

"The commoditization of the load bal- 
ancing market has delivered comprehensive 
and affordable load balancers to meet most 
application high-availability objectives," 
says Heiney. "Now that expensive pricing 
isn't restricting the adoption of server load 
balancing, it is easier to deploy more appli- 
cations and servers." 

Another way to keep costs down is to 
deploy solutions that operate at Layer 2 of 
the OSI Model. 

"This type of implementation will pre- 
vent various types of programming and is 
usually compatible with any brand of fire- 
wall and router," says Jean Pascal Hebert, 
vice president of business development at 
Elfiq Networks (866/633-1227; www.elfiq 
.com). "With a Layer 2 approach, this 
process is almost a drop-in type of imple- 
mentation." 

Sensible Design 

When considering load balancing tech- 
nology, the critical first step is to design a 
network topology that works well with the 
load balancing equipment of choice — take 
into consideration the location of the 
servers in relation to the location of the 
load balancers when designing the network 
topology. For example, setting up the load 
balancer in routed mode (using two inter- 
faces with the load balancer acting as the 
servers' default gateway) typically is the 
most efficient for packet processing. 
However, direct management of the servers 
could be difficult if the network topology is 
not properly designed. 

"There is not one best method of deploy- 
ment for everyone, so users need to weigh 
the pros and cons to determine what will 
work best for their network environment," 
says John Huang, senior systems engineer 



for A10 Networks (408/325-8668; www 
.alOnetworks.com). "Make sure you con- 
sult with your load balancer vendor in the 
preplanning stages during the network 
topology design process to ensure a suc- 
cessful installation." 

Consider File Load Balancing 

File-based load balancing is a relatively 
new technology that allows you to dynami- 
cally share file storage-related load among 
multiple physical file storage devices in 
order to overcome the limitations of those 
individual devices. For example, a physical 
file storage device might have a file system 
limitation of 16TB, yet a particular applica- 
tion might require more capacity. File- 
based load balancing could be used to pool 
multiple file systems together to create a 
virtual file system that appears larger than 
16TB to the application. 

"This is a technology which can help out 
in cases where you might be running into 
constraints associated with physical file 
storage devices such as file system size or 



BONUS TIPS 



Deploy in pairs. Another sensible tip for IT 
managers that is especially important for net- 
work integrity is to deploy load balancers in 
pairs. By having two load balancers together, 
organizations can better achieve their avail- 
ability objectives, thus providing a safeguard 
against server failure. 



Plan for capacity. With Internet access 
becoming faster and cheaper, appropriate 
planning needs to be done regarding the 
number of lines to have and the throughput 
expected on those lines. Both parameters 
are key in selecting a load balancer. And as 
Web sites rarely shrink in size, it is impor- 
tant to plan ahead over a two- to three-year 
time frame to allow for expected traffic 
increases. 

throughput," says Nigel Burmeister, senior 
product marketing manager for F5 Net- 
works (www.f5.com). "Disrupting critical 
applications or users to provision new stor- 
age as well as performance bottlenecks in 
the file storage infrastructure are symptoms 
that could indicate dynamic file load bal- 
ancing might be beneficial." 

The attractive thing about this technology 
is that it doesn't require network changes. 
It runs over your existing IP/Ethernet infra- 
structure and uses standard CIFS (Common 
Internet File System) and NFS (Network 
File System) protocols. As a result, demand 
for file storage capacity is growing, as it is 
one answer to the puzzle of how to manage 
a lot more storage without increasing IT 
headcount. 



Before deploying load balancers, 
it is important to examine what existing 
traffic flows look like. 
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Geographic WAN Link Balancing 

Elfiq Link Load Balancer Lets You Better Manage Traffic 
& Meet Your Budget 



Elfiq Network's Link LB (Link Load 
Balancer) 1500E is the next-generation 
model of rackmount entry-level link load 
balancer supporting up to eight WAN links 
and 150Mbps of WAN throughput. It sup- 
ports hardware LAN failover and requires 
less than 25W of power consumption. 

The LB-1500E redefines the entry-level 
rackmount field by providing an unmatched 
functionality/price/performance ratio and 
differentiates itself from the competition by 
operating at the data link network layer 
(Layer 2 inline/transparent operation) to 
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manage synchronous or asynchronous 
telecommunication links. Elfiq Link LB 
implementation is simple and does not 
require IP address migration or changes to 
firewalls or routers. This approach prevents 
the use of complex protocols, such as Bor- 
der Gateway Protocol, to support multiple 
links and reduces implementation projects. 

The Elfiq Link LB guarantees optimal 
access for your network and applications 



for business continuity, while optimizing 
your multihomed network throughput. If a 
link fails, the Link Load Balancer will 
effectively redirect network traffic toward 
other links based on user-defined policies. 

Advanced functionalities such as Geo- 
Link geographic load balancing make the 
Link LB a key element of disaster recov- 
ery projects and ensure maximum avail- 
ability to the enterprise's IP services. 
Traffic will continue flowing between sites 
when a site goes down, and geographic 
policies clarify what kind of traffic or IP 
service is allowed to use another site. 

For point-to-point resiliency implementa- 
tions such as VPNs or VoIP, Elfiq' s Best 
SitePathMPTX technology monitors alter- 
nate paths and their effective bandwidth and 
redirects the packets through the best avail- 
able path. The Link LB gathers metrics and 



real-time bandwidth usage; this information 
can be encrypted and shared between two 
balancers for redundant implementations. 

Elfiq Link Load Balancers are built 
around the Elfiq Operating System, and 
the hardware platform is fanless and has 
no moving parts. In addition, it produces 
little heat, reducing the risk of failures. 



Elfiq Link Load Balancer 1500E 



Rackmount entry-level load balancer supporting up 
to eight links and 150Mbps of WAN throughput 

(866) 633-1227 

www.elfiq.com 
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Evaluate & Improve 
Your Security Defenses 



Action Plan 



How To Know If Your Security Strategy 
Is Working Properly 



by Elizabeth Millard 

• • • 

Making sure networks and data are 

secure is a top priority for every company, 
regardless of size, and it would be tricky to 
find a firm that didn't have at least some 
controls in place. But as many data center 
managers know, security 
is an ongoing challenge, 
and it seems that there are 
always new products and 
consultants promising 
more bulletproof systems. 

Although there's no sin- 
gle solution (unfortunate- 
ly) that can give absolute 
security, there are ways 
to evaluate and improve 
security defenses without 
busting the budget. Here's 
part of the game plan. 



Evaluate The Amount 
Of Effort Involved 

If an IT manager is 
spending the majority of 
the day on security, then 
the strategy is likely inef- 
fective, notes Eric Skinner, 
CTO of security firm En- 
trust (www.entrust.com). 
"Security is often a combi- 
nation of written policy 
and software, and what you 
have to look at is the level 
of automation that's involved," he says. 

Evaluating security first involves looking 
at the layers and making sure they're con- 
nected and working well together, he notes. 
Each tool should complement each other 
and build on the strength of other tools. For 
example, Skinner notes, email encryption 
leads to disk encryption, and so on. "You 
should have a variety of technologies work- 
ing together to plug the holes," he says. 

Take Users Out Of The Equation 

No matter how well-intentioned employ- 
ees might be, asking them to encrypt their 
email attachments or refrain from inappro- 
priate downloads shouldn't be part of a 
security strategy, according to Skinner. 
"It's just human nature," he says. "If your 
job is to design widgets or balance the 
books, any kind of security policy that 
requires user action will be a distraction." 



The more automated and in the back- 
ground a security strategy might be, the 
less likely it is that users will be an issue. 
Skinner suggests content-monitoring soft- 
ware that can give quick visibility into 
whether inappropriate content is leaving the 
organization, for instance. "For SMEs in 




particular, there are issues that have sprung 
up unexpectedly, like people suddenly turn- 
ing on a bunch of capabilities like remote 
access," he says. "Smaller companies some- 
times haven't had the time to think through 
the implications of actions like that." 

Understand What You Need 

Figuring out which security features are 
necessary and which can be discarded is a 
big question, says Peyton Engel, security 
specialist at CDW Berbee (www.berbee 
.com). 

The first step is to prioritize the risks that 
the organization needs to defend itself 
against, he notes. In general, it won't be 
feasible to address all risks and will be 
impossible to fully eliminate many of those 
that do get addressed. 

"The next step is to conduct some form of 
assessment to measure the extent to which 



high-priority information is at risk," he says. 
Once there's a list of potential problems, an 
IT manager can start thinking about their 
costs, in terms of the degree of harm that a 
given security incident might cause and the 
probability or frequency of such events. 

"There's a huge variety of security prod- 
ucts available, but a product is only worth- 
while if it addresses a risk an organization is 
unwilling to tolerate in a cost-effective man- 
ner," says Engel. "The true cost of security 
solutions can be subtle; howev- 
er, there's the up-front purchase 
price, and there is also the 
recurring cost of monitoring 
and managing the system." 

The time spent learning an 
intrusion detection engine's 
alerts should be factored in, for 
example, although it generally 
far outweighs the cost of get- 
ting the system installed. 

Maximize Free Security Tools 

Although "free" can some- 
times translate to "labor-inten- 
sive," there are some tools in 
the marketplace that can be 
helpful, particularly for specific 
tasks such as creating logs or 
monitoring networks. Skinner 
suggests that even before down- 
loading them, though, a com- 
pany should evaluate its level of 
in-house expertise. 

"Obviously, free tools don't 
come with technical support, 
so you have to have the skills 
to handle support issues," he 
says. "The bigger question is: Will the tool 
make the environment more secure in an 
automatic way or just create more work? If 
the expertise is in place and the automation, 
then the tools can be helpful. And the price 
is certainly right." 

Tune Your Vendor Mix 

An organization should avoid putting all 
its eggs in one basket, Engel believes, and 
can find more strength in a mixed environ- 
ment. The theory is that a security flaw in 
one vendor's products won't affect other 
brands. But the challenge has been cost of 
ownership — maintaining a variety of sys- 
tems, with contracts and training, is more 
expensive than installing a single family 
of products. 

A better approach might be to strike a bal- 
ance between products and services, Engel 
says. Instead of choosing between products 



Bryan Harkins, training and development 
manager at AirDefense (www.airdefense.net), 
offers the following step-by-step recommen- 
dations for SMEs trying to improve their wire- 
less security. 

1 . Update the firmware on the APs (access 
points) and on all of the STAs (stations). 

2. Change the administrator's password to a 
very complex one that you can remember 
and/or document. 

3. If the AP allows you to do so, change the 
name of the administrator's account. 

4. Disable DHCP (Dynamic Host Control 
Protocol) on the LAN side of the AP and 
use Static IP addressing on the STAs. 

5. Change the default IP address of the AP 
to something that will work for your STAs. 

6. Use the strongest authentication and 
encryption that the AP and STAs can all 
use. 

7. Turn off the broadcasting of the SSID 
(Service Set Identifier) in the Beacon 
frame. 

8. Use a nondefault SSID that neither identi- 
fies you, your business, your location, or 
the location of the AP. 

9. Place a space or two at the end of the 
SSID. (War drivers will not see them.) 

10. Implement a MAC filter allowing only your 
STAs to connect. 

11. Turn the transmit power down on the AP 
to just what is required for desired cover- 
age. 

12. Use a nonoverlapping channel, preferably 
not channel 6. 

13. Change your PHY (physical layer device) 
to 5GHz if possible. 

14. Use antispyware on your STAs. 

15. Use a personal firewall on the STAs. 

16. Use endpoint protection software if possi- 
ble. 

17. Install the AP in a physically safe location. 

18. Do not disclose your configurations to oth- 
ers. 

19. Limit the number of allowed associations 
to just your STAs. 

20. When not in use, turn off the AP. 

21. If there is a breach in security, change all 
security settings as soon as possible. 

22. If you are unable to configure the AP 
securely, consult a trained and certified 
professional to do so on your behalf. 



that will be owned and maintained in- 
house, he suggests integrating some remote- 
managed security services into the blend. 
"These services are becoming an attractive 
proposition in the current market because 
they allow SMEs to take advantage of the 
investments that larger operation centers 
have made in terms of economies of scale," 
he says. As a result, features such as sophis- 
ticated event management systems, round- 
the-clock monitoring, and proactive mainte- 
nance are now available for many SMEs. 
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Citrix Unveils On-Demand 
Provisioning Server 

Platform Enables Monitoring & Management Of Virtual Environments 



Visualization has expanded rapidly 
throughout data centers, providing business- 
es with a tool for consolidation and opti- 
mization. The technology is also upping the 
ante on management. Citrix Systems has 
introduced its Provisioning Server, intended 
to reduce that complexity by providing on- 
demand provisioning of virtual and physical 
machines from a central location. 

"Monitoring and managing these virtual 
environments is not as easy as it might 
appear," says Bala Murugan Vaidhinathan, 



chief architect for Citrix. "You might reduce 
the number of pieces of hardware from 20 to 
one, but within the virtual environment, on 
that single piece of hardware, there are now 
20 operating systems running. You've 
potentially put all your eggs in one hardware 
basket, and it needs to perform." 

The Provisioning Server is based on the 
OS-streaming technology developed by 
Ardence, which was acquired by Citrix in 
January. The system allows for a more agile 
and cost-effective delivery of applications 



and desktops and is expected to be used to 
complement technology from the recently 
announced Citrix acquisition of virtual infra- 
structure specialist XenSource. 

"A lot of businesses have tried visual- 
ization to some degree for a certain appli- 
cation, and often it may not have panned 
out as planned. They find they're not get- 
ting enough performance, and they just go 
back to single server mode," Vaidhinathan 
says. "There is not enough time and persis- 
tence to fix the problems." 

Many of the mechanics of managing 
virtualized environments are similar to cen- 
tral management of sets of thin-client termi- 
nals, he says, a technology with which 
Citrix has a long history. The platform itself 
has been in development for about six years. 

"We are very effective in understanding 
the mechanics of virtual environments," 



Vaidhinathan says. "In Citrix (termi- 
nal) platform you have one single 
OS being shared by 20 different users. 
Within today's virtual environments, 
you've got one piece of hardware 
being shared by 20 different operating 
systems." 



Citrix Provisioninq Server 



Allows IT departments to stream operating systems 
and workloads to both virtual and physical 
machines from a central location 

(800) 424-8749 

www.citrix.com 
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Implementing Unified 
Communications 



Know If A Change 
Is Right For Your SME 

by Don Reisinger 
• • • 

Implementing a unified communications 
infrastructure is one of the most important, 
yet costly, endeavors any data center manag- 
er will be forced to endure. As the need for 
constant communication in the workplace 
continues to rise, IT managers are forced to 
find new ways to make sure everyone in the 
office is available at any given time. And 
while it may be much easier to implement 
than believed, it is still one of the more costly 
projects any company will be faced with. But 
with the help of third-party solutions such as 
a unified communications platform, both dif- 
ficulty of setup and high costs can be drasti- 
cally reduced. 

Do We Really Want 

A Unified Communication System? 

The first thought that any data cen- 
ter manager should consider is simply, 
"Should we implement a unified communi- 
cations system?" If a company has fewer 
than 10 employees and most of those 
employees are readily available, the need 
for a unified communication system is 
probably minimal. But as a company grows 
and employees are at home and abroad, the 
need for a unified communication system is 
greatly increased. 

But as a company representative from 
Zultys (www.zultys.com), a company that 
develops and implements VoIP into data 
networks, explains, "Some small to mid- 
sized enterprises want to level the playing 
field and be thought of in the same class as 
the 'big boys.' And certainly one way to do 
that is to have the same tools that enterpris- 
es have — a sophisticated auto attendant to 
tend the caller's needs, an interactive voice 
response (IVR) system to prescreen phone, 



Action Plan 



1. Planning. Do you really need a unified 
communication system? If so, where do 
you want to start? 

2. Evaluation. What are the most important 
areas of improvement? 

3. Implementation. 

4. Service and support. How to use it, and 
what will happen if something goes wrong? 

5. Start planning for the next phase. 



or CRM/call center software to help man- 
age sales opportunities." 

On the other hand, some companies may 
wish to implement unified communication 
systems to maximize employee 
efficiency. As Denny Michael, 
vice president of marketing at 
AVST (www.avst.com), a com- 
pany that specializes in de- 
veloping communications for 
businesses, points out, "Com- 
panies can improve employee 
productivity and thus improve 
customer service by making 
employees more accessible and 
reducing human latency from 
the business. On top of that, 
those same companies can sup- 
port their mobile employees by 
providing productivity tools to 
this segment of the workforce 
that enable them to stay in 
touch, be responsive, and be 
productive." 

We Want To Do It. Now What? 

If your company is ready to 
implement a unified communi- 
cations system, it next needs to 
evaluate a host of issues before 
the project can begin. 

According to Michael, unified communi- 
cations is not a single project in and of 
itself, and it should not be evaluated as 
such. His company believes that, "Unified 
communication deployment is not a single 
project. It consists of telephony, messaging, 
call processing, instant messaging, pres- 
ence, conferencing and collaboration, noti- 
fication, and business process integration." 

Because of that, Michael believes it is 
incumbent upon all data center managers to 
evaluate the company's objectives, what 
kinds (if any) of unified communication 
systems are currently in place and how they 
might be improved, what the unified com- 
munication priorities are, and how well 
unified communications satisfy unrelated 
company strategies such as security, com- 
pliance, and disaster recovery. 

Let's Get It Started 

Now that you have evaluated your com- 
pany' s needs and know how you would like 
to implement a unified communications 
system, a number of solutions are available 
to do just that. 

Zultys is a company that specializes in 
implementing the unified communications 
system itself. Because of this, most of the 



work that would have otherwise been 
performed by a data center manager is actu- 
ally performed by the Zultys team. With 
that in mind, implementing a Zultys system 




can be extremely efficient and relatively 
cost effective. 

According to the company representa- 
tive, the implementation phase of a Zultys 
installation revolves around two main com- 
ponents: knowing what the IT administrator 
is looking for in the system and knowing 
what the C-level (CEO, COO, CTO) per- 
sonnel want out of the system. Because of 
this, the company provides end-to-end 
solutions that run on SIP (Session Initiation 
Protocol), which allow IT managers to find 
more cost-effective equipment to run on the 
protocol while addressing the C-level need 
of a return on investment. 

On the other hand, AVST believes uni- 
fied communication implementation is a 
multistep and a multievent process. Instead 
of integrating a unified platform all at once, 
AVST believes unified communication sys- 
tems can be focused on retrieving phone 
calls and forwarding those calls to mobile 
phones, or those same systems could in- 
volve messaging. Either way, the company 
feels unified communications is a far 
broader topic than some others. 

With that in mind, implementing a unified 
communications system in this context is 
not a one-time event. Instead, AVST would 
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recommend finding areas where improve- 
ment is necessary and allocating resources to 
those areas as needed. For example, IT man- 
agers could use AVST's CallXpress system, 
which supports Microsoft Exchange (www 
.microsoft.com), IBM Lotus Notes (www 
.ibm.com), or any other IMAP-compatible 
email to create a unified messaging system 
throughout an enterprise. 

That said, the company also believes that 
using just one vendor is not always best. 
According to Michael, "Unified communi- 
cation is ideal for a best-of-breed approach 
because of how broad the technology is. 

Therefore, it is best not to 
get locked into a single- 
vendor solution that will 
prohibit you from deploy- 
ing the best solution in 
each product segment." 

What Features 
Are Most Important? 

Although there are a 
variety of options, some 
features are far more im- 
portant than others. For 
example, most communi- 
cation companies believe 
a presence system is a 
must-have for any unified 
communication system. In 
effect, "Presence will con- 
sist of desktop status, 
phone status, calendar 
availability, location sta- 
tus, skills status, etc. 
Presence will be used to 
negotiate real-time con- 
versations to minimize the 
amount of time it takes to 
communicate with the right person in order 
to complete a task." 

Conferencing is another important ele- 
ment that companies are deploying for one 
simple reason: With the ability to have 
voice and video messaging at their dispos- 
al, companies can save a large sum of capi- 
tal in traveling and lodging, and important 
meetings can be held with people thou- 
sands of miles away. 

Finally, smartphones have ushered in a 
new way of getting in touch with employees 
who are on the road — mobile messaging. 
According to both AVST and Zultys, mobile 
messaging is one of the most important ele- 
ments of any unified communication system, 
as it creates a far more efficient workplace. 

Unified communications is an important 
component of any enterprise. As the na- 
tion's economy continues to expand and 
become more global, it is incumbent upon 
companies to find the most effective ways 
of implementing communication systems 
that will keep employees and other stake- 
holders constantly in touch. And because 
most unified communication systems yield 
a positive return on investment in just three 
years, most executives realize that it repre- 
sents the wave of the future. 
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Instantly Search Terabytes 

dtSearch Can Scan Terabytes Of Data In A Variety Of Formats 



Today's enterprises are filled with vast 
amounts of data in a variety of formats in 
seemingly endless numbers of locations. 
Finding the information you need can be 
daunting, which is where programs such as 
those from dtSearch can be essential. 

dtSearch can instantly search terabytes 
of text because it builds a search index that 
stores the location of words in documents. 
Indexing is easy: Simply select folders or 
entire drives to index and dtSearch does 
the rest. dtSearch automatically recognizes 
and supports all popular file formats and 
never alters original files. 



Terabytes 



dtSearch can also cre- 
ate (and search with a 
single request) an unlim- 
ited number of indexes. 
Since you may want to 
search files that dtSearch 
has not indexed, dtSearch 
also does unindexed, as 
well as "combination," searching. 

All dtSearch products can index more 
than a terabyte of text in a single index and 
create and search an unlimited number of 
indexes. Search time is typically less than a 
second, even across terabytes of data. 




Along with the terabyte indexer, all 
dtSearch products include more than two 
dozen indexed, unindexed, full-text, and 
fielded data search options; support 
for hundreds of international languages; dis- 
play of Web-ready con- 
tent with highlighted hits 
and all images, links, and 
formatting intact; built-in 
HTML converters for hit- 
highlighted display of 
other popular file types; 
and distributed or feder- 
ated search options, with 
display of local and remote content. 

The dtSearch product line also embeds 
the dtSearch Spider, providing support for 
public sites, secure content HTTPS, pass- 
word-accessible sites, and forms-based 
authentication; searching of static and 



dynamic content; and relevancy-ranking of 
spidered and non-spidered content. 

The dtSearch Engine lets C++, Java and 
.NET developers add dtSearch terabyte 
indexer and file format support to Web- 
based and other applications. 



dtSearch 



Instantly searches terabytes of data, in a variety of 
formats, across a desktop, network, Internet or intra- 
net; new release offers 64-bit developer API access 

(800) 483-4637 

www.dtsearch.com 



dtSeardf 

www.dtsearch.com 
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Vista Voyage 

Continued from Page 1 
volume's integrity is checked when the sys- 
tem boots, helping to prevent unauthorized 
access. 

Vista also brings a wide range of man- 
ageability enhancements, including several 
hundred new group policy settings that man- 
agers can use to configure desktop environ- 
ments. "These policies can be used by 
administrators to further reduce the security 
threat surface area of the desktop operating 
system, compared to Windows XP," explains 
Gary Darbyshire, director of enterprise infra- 
structure at Avanade (www.avanade.com). 

Plan For Action 

Considering that Vista's first service 
pack won't be released until early next 
year, current Vista users are considered 
early adopters, even now. The transition 
to Vista will be easier once SP1 does 
arrive, but SMEs must still perform thor- 
ough evaluations before embarking on the 
upgrade. According to Darbyshire, this 
pre-Vista evaluation should entail a five- 
step process. 

The first step is what he calls "applica- 
tion rationalization." Companies must ana- 
lyze all of their business-critical applica- 
tions in terms of Vista compatibility 
(including whether they can be installed 
and if they're stable) and in terms of com- 
patibility with the Vista security configura- 
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tion they choose, Darbyshire says. Another 
step is determining hardware compatibility, 
which verifies whether existing hardware 
meets Vista requirements. 

"Once this is done, an organization can 
create a plan to, one, upgrade specific hard- 
ware elements or, two, replace the hard- 
ware," Darbyshire says. "Avanade suggests 
an organization look at existing hardware 
depreciation schedules and plan a hardware 
refresh and Vista upgrade that is aligned 
with it for improved desktop life cycle 
management." 

The hardware evaluation phase can be a 
very time-consuming process, but it must 
be accomplished to avoid surprises when 
Vista arrives. "Unless the SME has an 
automated way to collect information about 
the existing memory, its configuration in 
the box, and whether there are slots avail- 
able for the upgrade, this is a very labor- 
intensive process," says Chris Tamblyn, 
CEO of matrix42 (www.matrix42.com). 

Also key to the pre-Vista upgrade 
process is an evaluation of the current sup- 
port organization. Darbyshire says that 
Vista implementation is likely to spark an 
increase in support calls, so enterprises 
should examine their existing skills, 
processes, and SLAs (service-level agree- 
ments) so they can plan for appropriate 
Vista support. 

The two remaining elements that man- 
agers should address, Darbyshire says, are 
training, in which evaluations are per- 
formed to determine how much training is 



necessary to get users up-to-speed with 
Vista, and the overall desktop life cycle, a 
process that aligns with the organization's 
hardware depreciation cycle and business 
objectives. 

CA's Gentry notes that it's also impor- 
tant to determine well in advance which 
Vista edition will be used because this can 
impact a wide range of preparation details. 

Deployment Day 

When the Vista preparation is complete, 
the level of difficulty for the actual upgrade 
depends on whether a company is replacing 
existing machines or upgrading existing 
machines. In either case, Kaplan says, user 
data must be backed up to a network loca- 
tion and then restored to the upgraded 
machines. 

According to Gentry, tools are available 
that can automate the tedious process of 
transferring user data and settings to 
upgraded machines. "If a number of dif- 
ferent tools are used, the process decided 
upon should be integrated and automated 
as much as possible," Gentry says. "Auto- 
mation decreases errors and the time it 
will take to accomplish a successful 
deployment." 

In the case of a larger installation base, 
creating a proof of concept can help SMEs 
avoid potential pitfalls when performing the 
upgrade across the entire organization. 
Tamblyn says this proof of concept should 
determine how to distribute the operating 
system and applications — for instance, if 



Action Plan 



Upgrading to Windows Vista (www.micro 
soft.com) represents a major undertaking, 
but following these steps from Avanade's 
(www.avanade.com) Gary Darbyshire, dir- 
ector of enterprise infrastructure, can help 
make the project a success. 

1. Application rationalization 

2. Hardware rationalization 

3. Evaluate the overall desktop life cycle 

4. Perform image development 

5. Perform infrastructure training 

6. Conduct end-user training 

7. Gauge support readiness 

8. Conduct communication planning 

9. Determine deployment logistics 

10. Conduct the deployment pilot 

1 1 . Perform acceptance testing 



imaging is used, images will need to be 
created for varied systems. Also included in 
the proof of concept is a pilot, in which Vista 
is rolled out to subset systems in a production 
test, and rollback planning, just in case. 

After the actual upgrade, experts recom- 
mend communicating heavily with the user 
base to receive feedback and provide nec- 
essary assistance and training. For example, 
satisfaction surveys can be distributed and 
compiled to determine areas of weakness 
that support personnel can focus on to im- 
prove user satisfaction. 



VoIP Security I 

Continued from Page 1 
money you are going to save, and all of this 
fun stuff, yet they are not addressing secu- 
rity [for VoIP]." 

The Revenge Of The SIP 

SIP was created for interactive communi- 
cations between users involving voice, 
video, chat, and other exchanges through 



SIP Protection Offerings 



SIP protection does exist. Juniper Networks 
(www.juniper.net), for example, offers the 
SSG 5, which the company says prioritizes 
VoIP traffic over a WLAN and offers Screen- 
OS real-time, which is a security-specific op- 
erating system for the Juniper Networks fire- 
wall and VPN platforms. Juniper Networks' 
IDP 200 protects VoIP infrastructures by de- 
tecting and mitigating SIP attacks through the 
use of its recommended-policy feature in its 
IDP 4.1 software. 

Paul A. Henry, vice president of technology 
evangelism at Secure Computing (www.secure 
computing.com), says his firm's Sidewinder 



isk Alert 

the applications layer of the OSI (Open 
Systems Interconnection) reference model. 
SIP is also the protocol on which the 
exploding adoption rate of VoIP telephony 
is based. Like most communications pro- 
tocols, SIP was designed for easy and 
straightforward implementation, while less 
attention was paid to locking down poten- 
tial security flaws. 



incorporates full VoIP and SIP protections. "The 
anti-malware scanning works across all proto- 
cols to assign a risk value to any and all scripts 
that may be sent encapsulated within a given 
protocol," Henry says. "After normalizing encap- 
sulated traffic, it analyzes all scripts to deter- 
mine any malicious intent." 

Among VoIP offerings with SIP protection from 
Cisco Systems (www.cisco.com) is the Cisco 
XR 12000, which is a router that provides ses- 
sion border control functions. The device offers 
both software and hardware support against 
VoIP-specific malicious attacks and provides 
whitelisting and blacklisting. 



SIP's vulnerabilities run the gamut and 
can give black hats the opportunity to take 
control of machines, access networks, initi- 
ate denial of service attacks, or destabilize 
systems. A CERT advisory warned of the 
acceptance of INVITE messages through 
SIP connections that destabilize systems, 
provoke denial of service attacks, or give 
black hats remote-access capabilities. 

Spamming multiple vulnerable ports with 
unsolicited phone calls and prerecorded mes- 
sages is also an emerging threat, says Errata 
Security (www.erratasec.com) Chief Exec- 
utive Officer Robert Graham. "The more 
these systems open up to the outside world, 
the more spam you're going to get," he says. 

Taking Action 

The vulnerabilities that the VoIP SIP har- 
bors are really not so significant that 
admins should shutter plans to implement 
VoIP telephony. In fact, most admins know 
firsthand that nearly every protocol and 
communications port poses risks. For VoIP, 
admins can take specific measures to pro- 
tect their networks' telephony connections 
like they do for any other application. 

Worrying about how secure your net- 
work's SIP server is also depends, of 
course, on whether a service provider offers 
the VoIP service or if it runs from a server 
internally that you manage. You still need 



VoIP SIP Threats 



Voice is just as vulnerable as most communi- 
cations ports. If left unprotected, black hats can 
use the SIP (Session Initiation Protocol) to: 

• Destabilize systems 

• Remotely take control of machines 

• Initiate denial-of-service attacks 

• Send voice-spam messages 



to do your due diligence if you rely on a 
service provider. 

"If a server is inside your company, then 
I would look to protect it. If it is a server 
that your service provider gives you, then 
you might want to ask the service provider 
what kind of protection they offer over the 
SIP server," says Avishai Avivi, director of 
the security engineering and research group 
at Juniper Networks (www.juniper.net). 
"But how many service providers have pro- 
tection and whether or not you can rely on 
it is a subject of debate." 

If your VoIP server sits behind your net- 
work, it's up to you to select the right fire- 
wall, while only a few vendors offer SIP pro- 
tection. "Your basic firewall won't do much," 
Avivi says. "What you need is something that 
can really understand the SIP protocol." 



Networking & VPN 



November 16. 2007 



Better IP Address Management 

New Infoblox Appliance Keeps It Simple, Central 



Too often, managing IP addresses 
involves spreadsheets, manual processes 
that ultimately lead to mistakes or being 
blown off for more business-critical tasks. 
Thus, it's prudent for SMEs to automate 
such processes so their limited IT staff can 
focus on more business-critical operations 

Infoblox announced the Infoblox IP AM 
WinConnect system, an IP address man- 
agement appliance with integrated soft- 
ware support for Microsoft DNS and 
DHCP services that automates the often 
times tedious processes related to adminis- 
trating IP addresses. It's important that 




SMEs should consider the impact of 
automating the administration of their IP 
addresses when considering this solution. 

With the IPAM WinConnect, SMEs can 
manage DNS, DHCP, and IPAM from a 
centralized console through a GUI offering 
graphical and hierarchical representation of 
the IP map and view detailed audit logs pro- 
viding administrative audit trails. If your 



SME has to comply with compliance pro- 
grams, IPAM WinConnect' s reporting capa- 
bilities will be a boon around auditing time. 
It also automates data backups of your IP 
address data under management. 

The power of IPAM WinConnect is the 
detailed audit logs providing administra- 
tive audit trails for regulatory compliance. 
The audit logs offer insight into historic 
and current IP usage, as well as automatic 
discovery of IP devices on the network. 
Moreover, delegated administration pro- 
vides granular, role-based administrative 
ownership where it is most appropriate 
while protecting the network as a whole. 

Infoblox is already an established appli- 
ance vendor, and the IPAM WinConnect 
runs on reliable, security-hardened Infoblox 
appliances running NIOSTM software for 
simplified installation and easy software 



updates. It also offers automated backup and 
restore to enable high uptime and eliminate 
data loss. It is agentless and does not require 
any modifications to existing Microsoft 
DNS/DHCP infrastructure for seamless 
installation and minimal maintenance. 



Infoblox IPAM WinConnect 



Secure appliance-based IP address management 
solution that automates what is traditionally a 
tedious and manual process 

(866) 463-6256 

www.infoblox.com 



Infoblox 



December 7, 2007 



Processor.com 



Going Green 
In The SME 



Looking For Ways To Save 
Energy & The Environment 



by Robyn Weisman 

• • • 

Green has reached the tipping point. 
Sure, the environment has been a latent 
concern for years, but nowadays news Web 
sites feature article after article about glob- 
al warming; a block of NBC comedies have 
a "green" theme; and Facebook partner 
Green Gifts offers virtual alternative cars 
and CFL light bulbs, among other items, 
for its users to send to their Facebook 
friends. 

But what does going green mean for your 
SME? Does it make sense financially to 
establish green initiatives? What steps can 
your organization take to put these initia- 
tives into action? 

Your Remote Access Strategy 

When people think about remote access 
strategies, they imagine a worker padding 
around the home office wearing pajamas 
and a sweatshirt or alternating between 
compiling a set of financials and children's 
T-ball practices. But increasing the scope 
and frequency of your remote access strate- 
gy does more than offer flexibility and per- 
haps a better quality of life. It is a major 
energy saver both in community terms and 
in terms of your organization. 

Chris Witeck, director of product mar- 
keting at network solutions provider 
SonicWALL (www.sonicwall.com), says 
that if businesses encouraged all of their 



Given that recycling is unavoidable in many cases 
(you can only do so much with a 1 5-year-old x86 
desktop), Redemtech (www.redemtech.com) 
CEO Bob Houghton makes the following recom- 
mendations. 

• Maintain complete accountability of the serial 
numbers of the assets being destroyed. 

• Be sure to recycle or reuse all electronic 
scrap to keep it out of the landfill. 

• Adhere to a zero-export policy because the 
out-of-sight, out-of-mind policy is not only 
socially reprehensible, but the environmental 
and health issues that result from such actions 
ultimately affect everyone, including you. 



employees to work from 
home one day per week, 
gasoline costs would be 
cut down dramatically. 
While this drop in petro- 
leum use might not 
directly affect business- 
es' bottom lines, it does 
allow employers to lay 
claim to the "green" 
angle with their employ- 
ees and the community, 
something that could 
matter depending on 
their location, Witeck 
says. 

But adopting a remote access strategy 
makes sense financially, as well, Witeck 
says. Job commutes, for the majority of 
workers, are just a headache, with employ- 
ees spending hours every day stuck in traf- 
fic — hours that could be better spent 
working. And continuing advancements in 
broadband, VoIP, Webconferencing, and 
other remote-access technologies makes 
the ability to work from home (or a local 
Starbucks) more seamless than ever 
before. 

And if your sales contingent is working, 
say, two days a week outside of the office, 
you can institute space and energy savers, 
such as assigning two employees to one 
desk. Because most applications and infor- 
mation are now being stored on the server, 




If You Have To Recycle . . . 



• Do not use incineration as part of the 
destruction process because incineration 
produces too many emissions to be sus- 
tainable. 

• Do not use prison labor because UNICOR 
(the electronics recycling division of Federal 
Prison Industries) fails to provide accountabil- 
ity either for prison workers' health or for 
where the recycled product ends up. 

Houghton says that the Basel Action Net- 
work offers a wealth of information on the 
impact of electronic waste and proper waste 
disposal and recommends it as a resource 
when formulating your environmental man- 
agement policy. 




employees no longer need to be tied to one 
desktop. If you cut down your footprint, 
you need less equipment to run the physical 
office, which will translate into energy sav- 
ings fairly quickly. Even employees who 
need to have a daily presence in the office 
benefit from this remote strategy because if 
they have additional work to do, they can 
burn their own midnight oil rather than 
yours. 

The Legal Aspects Of Being Green 

Bob Houghton, CEO at TCM (technolo- 
gy change management) provider Redem- 
tech (www.redemtech.com), says that an 
environmental management policy needs to 
be incorporated into your overall planning 
and purchasing strategy because once a 
product is taken out of use, issues of liabili- 
ty and adherence to regulations become as 
important as environmental ones. 

Houghton explains federal-level envi- 
ronmental policy has a peculiar tendency 
of being retroactive. In other words, you 
may have followed 2007 disposal and 
recycling regulations to the letter, but in 
2012 the laws might change, making your 
company liable retroactively. This sort of 
liability is difficult to manage, so it is 
important to prognosticate the most strin- 
gent environmental management policy 
possible. That way, you have a better shot 
of being completely compliant to future 
regulations. 

Houghton stresses that you must involve 
company senior management and legal 
counsel when formulating and deploying 
your environmental management policy. 
"Don't make these types of decisions ad 
hoc," he says. Leadership and IT need to 
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agree on policy, under- 
stand how much risk the 
company is willing to 
shoulder, and document 
the organization's compli- 
ance with environmental 
regulations. 

According to Houghton, 
too many organizations 
assume that if they recycle 
old equipment and obtain 
a certificate of destruction 
from the recycling out- 

rsourcer, they have done 
the green thing. Unfortu- 
nately, these certificates 
can be meaningless, both 
in legal and environmen- 
tal terms. 

"That stuff could be 
sent in a container to 
Pakistan or Malaysia," 
Houghton says. "You 
need to have a good audit 
trail that shows the plastic 
was sold here, the alu- 
minum sold there — that 
provides you with unas- 
sailable proof of responsi- 
ble recycling." 
Houghton says that the best environmen- 
tal management policy is to maximize 
reuse of assets or portions of assets when- 
ever possible. When assets are reused (for 
example, an old server finds new life as a 
print server), you save money, postpone 
legal worries, and ultimately reduce the 
manfacturing of new machines. 



Action Plan 



Think about your remote access strategy 
and consider increasing the days employ- 
ees work remotely. This cuts down on fuel 
(both in commuting and the amount of 
energy used to light, heat, and cool the 
office) and space requirements. 
Develop and implement asset disposition 
policies with company leadership. 
Make sure your environmental manage- 
ment policy protects you from liability, now 
and in the future. 

Focus on reuse whenever possible. 

Don't neglect the legal ramifications of your 

actions. 

Consider outsourcing your recycling and 
reuse needs because companies that offer 
these services have the resources to find 
customers for assets you no longer use. 
When considering an outsourcer, make 
sure the company assumes legal responsi- 
bility for your asset disposition. 
Keep in mind that going green isn't just 
some selfless, altruistic series of steps to 
make the world a better place— doing so 
increases your organization's efficiencies 
and saves you money in the long (and even 
the short) run. 
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A Master Enterprise View 

New ATEN KVM Bundle Provides Perfect Features 
For Monitoring & Maintaining Servers & PCs 



Today's data centers require convenient, 
space-saving, streamlined KVM equipment. 
ATEN's 17" Single-Rail LCD Integrated 
Console and MasterView KVM bundle is 
designed with those needs in mind. 

ATEN's economy LCD KVM console, 
CL1000M, integrates a keyboard, 17-inch 
LCD, and touchpad in a 1U Slideaway 
housing. Setup is fast and easy. There is no 
software to configure, no installation rou- 
tines, and no incompatibility problems. 
Slide the console module section out and 
flip up the cover, and you are ready to work. 



When finished, flip down the cover and 
slide the console module back into the rack. 

By using the CL1000M to manage your 
installation, you save space; elim- 
inate the expense of having to pur- 
chase a separate keyboard, moni- 
tor, and mouse for each PC if 
attaching to a KVM switch; and 
can take advantage of upgrad- 
ing your current system 

ATEN is now bundling 
the CL1000M with an 
eight-port MasterView Plus, 




which helps reduce the need for redundant 
hardware. With the MasterView Plus, you 
can control up to 512 computers with a 
single keyboard, monitor, and mouse. And 
it requires no software. 

MasterView Plus is more than a simple 
eight-port KVM switch. A built-in Auto- 
Scan mode lets you monitor every attached 
computer for a specified amount of time, 
while the on-screen display lets you assign a 
unique name to each computer 
■T and access it via a slick, menu-dri- 

Iven interface. A Quick View Scan 
feature makes it easy to monitor 
selected PCs, and hot-pluggable 

B !.«.?. f.l.Lf. - i 

O OGA6C)(:j6CiOOOO^C06 J 




capabilities mean you can add or remove 
PCs for maintenance without powering 
down the switch. The MasterView 's 1U, 19- 
inch rack-mountable casing and status-mon- 
itoring LEDs make it ideal for server rooms 
or other multicomputer environments. 



ATEN 17" LCD Integrated Console 
& MasterView KVM (model 
CLCS9138MKIT) 



Includes an eight-port KVM switch and a KVM con- 
sole with a keyboard, 17-inch LCD, and touchpad 

(888) 999-2836 ext. 3100 

www.aten-usa.com/CLCS91 38MKIT 
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Simpty Better Connections 
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Phone System Flexibility 

New Hybrid IP PBXes From TalkSwitch Provide 
The Right Mix Of Options For Nearly Any Company 



Phone freedom. TalkSwitch 
phones are tailor-made for the sys- 
tem. But unlike most phone systems, 
TalkSwitch doesn't tie you down to 
proprietary telephones. TalkSwitch 
works with any standard analog 
phone and selected IP phones. 

External IP and remote exten- 
sions keep you connected. With 
TalkSwitch systems, any phone, any- 
where, can be a remote extension. 
This includes cell phones, home 
phones, and phones in other offices. 
Calls can be seamlessly transferred 
and screened. Or plug a TalkSwitch IP 
phone in anywhere as an external IP exten- 
sion for complete extension functionality. 

Grow your own way. From two to 64 
users per location, there's a TalkSwitch to 
fit every small business. TalkSwitch units 
come in different sizes with hybrid con- 
nections, so you choose your own mix of 
networks (traditional and/or VoIP) and 
phones (analog and/or IP). 



New TalkSwitch IP PBX Offerings 




Phone 

Lines 


■EXTENSIONS- 

Analog/IP Pure IP 


VoIP 

Trunks 
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800 series 
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TalkSwitch's new lineup of hybrid IP 
PBXes mean customers have even greater 
flexibility in designing the ideal phone 
system for their business. 

New systems are available across each 
TalkSwitch series and, when combined 
with TalkSwitch's current lineup, provide 
a combination of lines, extensions, and 
other options for companies of nearly any 
size. And all TalkSwitch systems can be 
upgraded and networked together to a 
maximum of four TalkSwitch units with 
capacity for 32 incoming phone lines, 64 
local extensions, and 32 VoIP trunks per 
office location. 
TalkSwitch IP PBXes feature: 
Easy setup. TalkSwitch installation is 
fast and easy, so you save time and 
money, regardless of whether you chose 
to install the system yourself or call a pro- 
fessional. Plus, it's simple to change set- 
tings, so you don't pay a technician every 
time you add or move an employee. 




Branch Circuit 
Protection... 
Are you 
headed 
in the right 
direction? 



Circuit Breakers - Reliable and Resettable 



TalkSwitch IP PBXes 



A lineup of systems that can work with selected IP 
phones and feature easy setup and external IP 
and remote extensions 

(888) 332-9322 

www.talkswitch.com 

talkswitch 9 
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A Subsidiary of Eaton Corporation 



www.puhzzi.com 
1-877-PULIZZI 
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hergo 9 technical furniture 



T RACKM0UNT ENCLOSURES/CABINETS 



T RELAY RACKS 



#1 QUALITY SOURCE FOR 
WORKSPACE SOLUTIONS 



T LCD ARMS & ASSEMBLIES 




T OPEN RACKS I SERVER FARMS AND DATA CENTERS 



An original equipment 
manufacturer since its inception in 
1 992, Hergo remains a trusted 
source for technical furniture, 
computer enclosures/ cabinets, 
relay racks, LCD mounting solutions 
and command & control centers. 

We are technology people who 
understand your computing 
workspace needs. 

As part of our 100% customer satisfaction 
guarantee, Hergo offers free space design and 
consultation, including 3-D CAD drawings and 
simulated environment renderings to ensure 
maximized user space and productivity. 

Hergo is an approved supplier to all 
branches of the U.S. Government. 
GSA Contract # GS-29F-0133G 



888.222.7270 

hergo.com 
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JHE COMPETITION JUST GOT 

A LOT STIFFER 




Remote Server Management 



8» Digital KVM IP 




UHiaCprisole Remote 





UltrtiLinli 




L 




pwUnlL - — «zA 



UltraMatrix™ Remote 

Connects 1,000 computers 
to up to 256 user stations 

■ Multi-user, multi -platform KVM IP switch 

■ Supports PC, Sun, Apple, USB, UNIX, and serial devices 

■ High quality video up to 1 280 x 1 024 

■ Secure encrypted operation with login and access control 

■ Scaling, scrolling, and auto-size features 

■ View 4 computer connections using the quad-screen mode 



UltraConsole™ Remote 

Access servers & serial devices 
from anywhere in the world 

■ PC, SUN, UNIX, Linux, USB, and serial devices 

■ Supports serial devices such as routers, switches, and more 

■ Emulates VT100/VT220 terminals 

■ Secure encryption operation 

■ Scaling, scrolling, auto-size and quad screen features 

■ View 4 computer connections using the quad-screen mode 



UltraLink™ 

Manage & monitor servers 
from anywhere in the world 

■ High-quality video up to 1280 x 1024 

■ Secure encrypted operation 

■ Scaling, scrolling, and auto-size features 

■ Quad screen, real-time viewing of 4 computers 

■ Compatible with most KVM switches 

■ Available in single, dual, and quad models 



PC, Sun, Apple, USB, UNIX, Serial Devices 



KVM Switches 



I 





UltraMatrix™ x-series 
Expandable, multi-user switch 
for connecting 1,000 computers 

■ Multi-platform units have serial VT220 terminal emulation 

■ Advanced visual interface (AVI) 

■ Security features prevent unauthorized access 

■ Free lifetime upgrade of firmware 

■ Video resolution up to 1600 x 1280 

■ Multi-lingual Menu 



UltraView™ Pro 

Access or Manage 2 to 256 
computers from a single KVM station 

■ Economical 

■ Easy to use, install, and expand 

■ Audio and serial support 

■ Advanced visual interface (AVI) 

■ Security features prevent unauthorized access 

■ Free lifetime upgrade of firmware 



QuadraVista™ 
Display 4 computers 
on a single monitor 

■ View live, real-time data in each window 

■ Easily switch to and control each computer in 
Quad or Picture-in-Picture (PiP) mode 

■ Video resolution up to 1920 x 1200 

■ VGA and DVI video supported 

■ Supports USB and PS/2 computers 

■ On-screen menus for easy set-up 



Fiber, CATx, DVI/VGA, PS/2 or USB 



^ KVM Extenders 





CrystalView™ 

Extends keyboard, video, mouse, 
audio and serial up to 1000 ft 

■ Supports USB, PS/2, or Sun 

■ Serial and full stereo options 

■ Available in single, dual, or quad video models 

■ Supports video resolutions up to 1600 x 1200 

■ Video tuning and skew adjustments available 

■ Dual version allows another KVM near computer 



Cry srtal View™ Pro 

Extends keyboard, video, mouse, 
audio and serial up to 33,000 ft 

■ Supports DVI video resolutions up to 1 920 x 1200 

■ Supports Fiber or CATx cable 

■ Supports singlemode or multimode fiber cable 

■ Supports PS/2 or USB keyboard and mouse 

■ Supports for local KVM station 

■ Fully automatic KVM sharing 




ViewLink™ 

Extends keyboard, video, 

& mouse up to 1000' over CATx 

■ Automatic compensation and equalization 

■ Automated video skew adjustments 

■ Models available for PS/2, USB or both 

■ Video resolution up to 1600 x 1200 

■ Compatible with KVM switches 

■ Operating system independent 



Organize, Streamline Server Rooms 




RackView™ 

15", 17", 19", 20" LCD flat panels 
Fold forward & backward designs 

■ Built-in single or multiple user KVM switch options 

■ Supports AT/XT, PS/2 and Unix computers 

■ DVI and S-video options available on 19" and larger LCD 

■ LCD flat panel and keyboard can be sold separately 

■ Available with full size, full function Sun keyboard 

■ Optional multi-media version with TV tuner & stereo speakers 



rose us 

ROSE EUROPE 
ROSE ASIA 
ROSE AUSTRALIA 



281 933 7673 
+44(0) 1264 850574 
+ 65 6324 2322 
+ 617 3388 1540 




KVM Accessories 



RackView™ Panel Mount LCD 

Mounts vertically in a standard 
19" rack 

■ Available with a 15", 17", 19", 20", or 23" LCD 

■ 19" and 20" models support DVI and VGA inputs 

■ Resolution up to 1280 x 1024 

■ Fits in 7 - 9 rack units (Depending on model) 

■ DVI and S-video options available on 19" or larger LCD 

■ Quick and easy rack mounting installation 





VideoSplitter™ CATS 

Distribute, amplify & extend 
video to 6 or 12 monitors 

■ Video resolutions up to 1600 x 1200 

■ Each remote monitor can be up to 1,000' 

■ Optional Audio and Serial 

■ Easy to install 

■ Rack mountable chassis 



800-333-934 

WWW.ROSE.COM 

Rose Electronics 10707 Stancliff Road - Houston, Texas 77099 
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Product \^ Releases 



Clients 



■ Brother introduced its DCP-9000 
Series Digital Color Laser Copier/Print- 
ers. The network-ready DCP-9040CN and 
DCP-9045CDN digital color copier/print- 
ers use the same new single-pass laser 
print engine utilized in the HL-4000 
Printer Series and MFC-9000 All-in-One 
Series. As with the other color devices 
sharing the same print engine, users have 
the option of choosing standard or high- 
yield replacement toners. The DCP-9000 
Series features up to 21ppm print speeds 
for both color and monochrome printing 
and produces colorful output up to 2,400 
x 600dpi. In addition, the DCP-9045CDN 
offers a USB Direct Interface for compat- 
ibility with USB flash memory drives and 
PictBridge-enabled cameras. The DCP- 
9040CN has a 35-page auto document 
feeder, 300-sheet paper input capacity, 
64MB memory, and a two-line LCD dis- 
play. The DCP-9045CDN has a 50-sheet 
auto document feeder, built-in auto 
duplex for two-sided print/copy/scan 
capabilities, 128MB memory, and five- 
line LCD display. The DCP-9040CN was 
released last month, and the DCP- 
9045CDN will be available later this 
month. 



■ Fujitsu Computer Systems introduced 
the LifeBook S6510 and LifeBook 
S7210 14-inch widescreen display note- 
books. Both models are lightweight, 
with the LifeBook S6510 weighing 
just 4 pounds and the LifeBook S7210 
weighing 5.2 pounds. These notebooks 
use Intel Core 2 Duo processors and 
offer a modular bay that supports a num- 
ber of optional add-ons. The LifeBook 
S6510 and LifeBook S7210 notebooks 
offer a combination of physical, hard- 
ware, and software security features, 
including a biometric fingerprint swipe 
sensor, embedded TPM (Trusted Plat- 
form Module), and the integrated theft- 
deterrent security panel. In addition, 
the LifeBook S7210 offers a dedicated 
smart card slot. A variety of communica- 
tions options are available for both the 
LifeBook S6510 and LifeBook S7210 
notebooks, including a modem and 
an integrated Gigabit Ethernet LAN, 
the Intel Wireless Wi-Fi 4965AGN Net- 
work Connection, and optional Bluetooth 
wireless technology. In addition, the 
LifeBook S7210 notebook is available 
with the optional Atheros Super AG 
Wireless LAN. 



■ Kyocera Mita America has unveiled 
the KM-3040 and the KM-2540— two 
MFPs (multifunctional products) for 
departmental workgroups and small bus- 
inesses. These machines both include 
copy capabilities and can add network 
printing and faxing, which offer cus- 
tomers the ability to modify document 
imaging solutions to meet specific busi- 
ness needs. The KM-3040 and the KM- 
2540 have output speeds of 30 and 25 
pages per minute, respectively; 600 x 
600dpi; and 256 levels of grayscale. 
Also, each machine can upgrade to 
192MB of memory and includes features 
such as zoom, auto centering, and mirror 
image to boost efficiency and productivi- 
ty. Also, both machines offer a maximum 
paper capacity of up to 2,200 sheets, and 
users can switch paper sizes and types 
with just one button either from the ma- 
chine or from the desktop. 



Messaging & Telephony 



■ Sunbelt Software has announced its 
email archiving solution, SEA (Sunbelt 
Exchange Archiver). Features of SEA 



include integrated HSM (Hierarchical 
Storage Management), Direct Archiving, 
email continuity, and disaster recovery. The 
service also integrates with Microsoft 
Exchange, Outlook, and OWA (Outlook 
Web Access). Emails can be stored on a 
variety of different media, which mitigates 
the load on servers. 



Networking & VPN 



■ AdventNet launched the latest iteration 
of its ManageEngine DeviceExpert, which 
is the firm's flagship network change and 
configuration management product. Man- 
ageEngine DeviceExpert 5.0 now ships 
with network compliance monitoring ca- 
pabilities and a new reporting feature. 
Other features include the ability to check 
for compliance to internal/external poli- 
cies and standards; a newly streamlined 
user interface; automated compliance sta- 
tus monitoring and reporting; and network 
inventory, firmware inventory, network 
health status, configuration changes, user 
permissions, and network compliance 
reporting. DeviceExpert also adds support 
for new vendors, including Juniper, Dell, 
and Netgear. The Professional Edition 
annual subscription rates start at $795 for 
25 devices. 



■ Enterasys Networks announced Secure 
Networks for Virtual Data Centers, a 
hardware and software solution designed 
for connectivity and compliance in virtu- 
alized computing and storage. Secure 
Networks for Virtual Data Centers 
offers tools to automatically respond 
to the dynamic mobility of virtual ma- 
chines; enforce network access control 
policies; and comply with internal, in- 
dustry, or government regulations. The 
Secure Virtual Data Center features 
a security-enabled infrastructure of 
Matrix N-Series flow-based switches and 
Matrix X-Series high-performance rout- 
ers, which provide a capacity of 1,000 
Gigabit Ethernet or 256 10Gb Ethernet 
connections per rack. And with Ad- 
vanced Dragon security applications, the 
Secure Virtual Data Center provides in- 
trusion detection/prevention, network 
access control, and security information 
management to automate compliance 
audits and reporting. 



■ Exinda Networks has announced an 
enhancement to its WAN optimization 
appliances that helps control a wide range 
of recreational Internet traffic, including 
instant messaging, gaming, and down- 
loading entertainment-related files, that 
can slow business applications on cor- 
porate networks. The feature detects, 
blocks, or slows down encrypted P2P 
(peer-to-peer) traffic. Exinda says it is 
the only WAN optimization vendor 
that detects, classifies, and controls more 
than 1,000 applications that include 
encrypted P2P traffic; it can detect, 
classify, and control 98% of BitTorrent 
traffic. The company adds that its new 
feature classifies Skype and BitTorrent 
traffic using Layer 7 heuristics, while the 
company's new heuristics-based classifi- 
cation speeds data at up to 100 times 
faster than previously. Exinda' s new clas- 
sification engine will be available free 
next month to current customers as part of 
a firmware update. 



■ Stonesoft has announced the release of 
its StoneGate SSL VPN 1.1, a secure 
VPN product. Compatible with Windows 
Vista, StoneGate SSL VPN 1.1 is de- 
signed for fault-tolerant connectivity and 
enhanced ease of use and pairs with 
StoneGate Firewall. If an access point 
Go to Page 16 
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Skin starts to warm. 
Ice starts to melt 
Equipment starts to fry. 



For over 40 years, we've been 
the industry innovator in 
precision environmental control 

Specializing in: 

■ Precision cooling units built 
to your specifications. 

■ Short lead times. 

■ Advanced control systems. 

■ Ultra-reliable technology. 

DO 

DATA AIRE INC. 

The reliable choice in 
precision cooling equipment, 

714-921-6000 

Get your free Building Owner's 
Guide to precision cooling 
at www.DataAire.com 
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N+1 1 U Redundant 

EFRP-4553H 



N+1 2U Redundant 

EFRP-2553G 




1500W+550W Output Power 
N+1 Redundant Configuration 
Meet 1 U Rackmount System 



N+1 3U Redundant 

EFRP-3300SG 




• 550+550 watts Output Power 
Support to Dual Nocona Processors 
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EFRP-4463G 
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600W+300W Output Power 
N+1 Redundant Configuration 
Meet 3U Rackmount System 



PSIIType 1+1 Mini 
Redundant Power Supply 

EFRP-2462G 



460+460 watts Output Power 
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Continued from Page 15 
fails, StoneGate SSL VPN 1.1 is designed 
to automatically find a working one, 
which also aids in disaster recovery. Sign- 
on has been revamped with an adaptive, 
self-configuring setup and username and 
password access to all functions. The 
StoneGate SSL VPN 1.1 will be available 
next month. 



Physical Infrastructure 



■ The 6kVA Liebert GXT2 UPS, made 
expressly for 208V UPS applications, 
is new from Emerson. The 5U unit can 
be configured in a rack or as a tower. It 
can provide double-conversion online 
protection up to 4,200W. Its user-replace- 
able batteries provide up to seven min- 
utes of full-load runtime, which can be 
increased with optional external battery 
cabinets. 



Security 



■ Adlink released a new dual GbE 
PCI-X card that features bypass capabilty, 
which the company is targeting at content 
security, firewall, IDS, IPS, UTM, VPN 
gateway, and other network security 
appliance applications. The Adlink PCI- 
8246 card includes an Intel 82546EB 
dual-port GbE controller that supports 
full- and half-duplex transfers. It also sup- 
ports 32- and 64-bit PCI and PCI-X bus- 
es at speeds up to 133MHz. The card's 
bypass feature relies on a mechanical 
relay array and a watchdog timer that 
directly connects the GbE signals on 
the ports when the system crashes or 
is powered down. Users can configure 
the watchdog timer to automatically 



enable bypass mode during system fail- 
ures. The card is available in OEM quan- 
tities for $190. 



■ In a bid to help organizations that han- 
dle cardholder data and other sensitive 
information, AdventNet introduced an 
enhanced version of its network security 
scanner, ManageEngine Security Manager 
Plus 5. The updated software now sup- 
ports PCI DSS compliance, which enables 
users to determine at a glance if the sys- 
tems are scanning network resources for 
vulnerabilities, encrypting data transfers, 
and tracking passwords. ManageEngine 
Security Manager Plus 5 also works with 
AdventNet' s EventLog Analyzer system 
log management tool and the DeviceExpert 
multivendor network compliance manage- 
ment offering. The Professional Edition 
annual subscription rates start at $995 for 
50 systems. 



■ CoSoSys is targeting SOHOs with 
its updated Secure It Easy 1.2 software. 
The security software prevents unautho- 
rized portable storage devices, such 
as flash drives and external hard drives, 
from copying data that resides on a 
PC. The software now also has file-trac- 
ing functionality that lets it track data 
recorded to removable devices. Secure 
It Easy prevents data transfer to (and 
from) any device that hasn't been pre- 
authorized by the computer's administra- 
tor. Because the software also traces the 
information that is transferred to autho- 
rized devices, users have auditable infor- 
mation regarding data transfers from the 
PC. Secure It Easy supports Windows 
2000/XP/Vista and is available in 
English, German, French, and Romanian 



interfaces. CoSoSys offers a 30-day trial 
of Secure It Easy. 



■ Global DataGuard launched the 
Enterprise Unified Threat Manager++ for 
comprehensive security applications that 
can be managed from a single console. 
The security manager is capable of being 
personalized based on the needs of 
the user, including network behavior 
analysis, vulnerability management, glob- 
al event and threat management, intru- 
sion detection and prevention, firewall 
and log management, and network access 
monitoring and control, as well as third- 
party integration. The Enterprise UTM++ 
adapts to the system's information shar- 
ing to detect threats and issue alerts 
among all applications and appliances 
involved. Enterprise UTM++ is available 
for $1,000 per month from Global 
DataGuard. 



Servers 



■ Bull released the Escala EL460B, a 
POWER6 blade server, and AIX 6, an OS 
that provides virtualization capabilities. 
The Escala EL460B is a one-slot blade 
server with two sockets of dual-core, 
4GHz POWER6 chips. The POWER6 
blade server contains a SAS drive of either 
73GB or 146GB, and it can hold up to 
four memory modules for up to 32GB of 
RAM. The EL460B comes with an on- 
board dual Ethernet connection, but Bull 
also offers 10Gb Ethernet, Fibre Channel, 
and High-Speed InfiniBand connections 
through optional mezzanine cards. Version 
6 of AIX includes WPARs (Workload 
Partitions) to help enable advanced virtu- 
alization features, such as "cross-node" 



application mobility. The WPARs also 
provide a cloning mechanism to simplify 
the installation process for complete appli- 
cation environments. 



Storage 



■ Acronis has released Acronis True 
Image Echo, which lets users back up and 
restore physical and virtual servers. True 
Image Echo runs with all physical or vir- 



CD 



Acronis 



COMPUTE WITH CONFIDENCE 

WWW.ACRONIS.COM 

tual Windows- and Linux-based servers 
or desktop systems. The product also sup- 
ports virtual operating system configura- 
tion from VMware, Microsoft, and Par- 
allels. True Image Echo uses Acronis' 
Virtual Live Data Format to separate hard 
drive data from the underlying file format 
and platform dependency, Acronis says, 
to create a transportable image that's 
independent of the hardware platform, 
and users can restore directly to or 
from any virtual or physical machine. 
Other features include direct output 
of VMDK and VHD file formats, sup- 
port for dynamic disks, wake on LAN, 
VMware Consolidated Backup, and 256- 
bit archive encryption. The workstation 
version is $79.99, while server versions 
for Windows or Linux are $699. An enter- 
prise version is $999. 



ITS A 

PERFECT FIT! 

INTRODUCING: 

STOREVAULT S300 FOR UNDER $3K 

ENTERPRISE TECHNOLOGY 
FOR YOUR SMALL BUSINESS 
STORAGE NEEDS 

If you are looking for instant back 
up and data recovery, with RAID DP 
protection against dual drive failure, 
you've found the perfect fit. With NAS, 
iSCSI SAN, and DAS right out of the box, 
the StoreVault product family provides 
storage solutions that will grow 
with your business needs. NetApp 
enterprise-proven technologies 
provides a rich feature set including 
simple on-the-fly provisioning and 
off-site data replication. It's truly 
the perfect fit to maintain business 
continuity and regulatory compliance. 

The new S300 starting at under $3,000 
or the S500 starting at $5,535 



NetApp' 



Off-Site Replication 
Instant Backup and Restore 



Database / Email Storage 




Call us today at 800-206-5363 
Learn more about our Special Offers 
at www.storevault.com 




StoreVault S500 
2007 Winner! 
Windows IT Pro 
Editor's Best Award 



StoreVault. 



A NetApp Division 
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■ New from Aptare are its Storage- 
Console 6.5 and StorageConsole Capacity 
Manager products. StorageConsole 6.5 is 
an agentless, bridged platform that offers 
single Web 2.0 console access to backup 
reporting and storage management fea- 
tures. Meanwhile, StorageConsole Capa- 
city Manager serves up unparalleled detail 
on the capacity utilization of storage 
arrays, hosts, and applications, the com- 
pany says. 



■ ViaBack Recovery Plus, the data protec- 
tion service from Arsenal Digital So- 
lutions, allows users to balance the need 
for disk-based performance and reliability 
with market-proven and cost-effective 
secure tape options for long-term storage 
and transportability. This new service 
combines ViaBack, which incorporates 
deduplication technology and SATA- 
based disk support to maximize storage 
utilization rates and improve recov- 
ery point and recovery time objectives 
while establishing new levels of efficien- 
cy in storage with RecoveryPlus, an 
on-demand data protection service. Re- 
coveryPlus cuts storage deployment and 
operational costs while allowing users to 
allocate disk and tape resources to better 
manage specific backup options and envi- 
ronments. 



■ Network Appliance has released the 
SnapValidator for Oracle Database lOg, 
which proactively inspects and catches 
potential data corruption or loss, increas- 
ing data reliability while helping to cut 
risk and unexpected downtime. NetApp 
and Oracle offer users defense and sup- 
port for Oracle data, while eradicating 
the hardships associated with boosting 



the accuracy of their data. This includes 
unintended application errors, human 
errors that potentially copy data onto the 
incorrect storage resources, and data 
backup and restoration processes that 
make data vulnerable to damage or loss. 
NetApp and Oracle accomplish this 
through database awareness to NetApp 
modular storage systems. 




■ Reldata has introduced the 9240 SAS/ 
SATA Unified Storage System, which pro- 
vides integrated iSCSI SAN, NAS, and 
WAN replication. With the 9240 SAS/ 
SATA Unified Storage System, it is possi- 
ble to scale disk storage capacity, SAN/ 
N AS/WAN replication services, and net- 
work performance without interfering with 
application operations. The 9240 SAS/ 
SATA Unified Storage System includes 
Reldata' s 9000 Series Unified Storage 
Gateway with SAS and SATA storage. A 
9240 SAS Unified Storage System with 
1.75TB of storage costs approximately 
$60,000, and a system with 9TB of storage 
costs about $65,000. 



The search for a single supplier offering the 
widest choice of SATA and SAS controllers is over. 

All roads lead to Adaptec. 



■ Seanodes has announced Exanodes stor- 
age software for server virtualization. 
With Exanodes, companies can use inter- 
nal application server storage for a virtual- 
ized storage pool. With Exanodes' shared 
internal storage capabilities, companies 
can eliminate the amount of data center 
floor space and power consumption neces- 
sary under traditional storage technolo- 
gies. The product supports a sustained 
read/write speed of several gigabytes per 
second. In fact, Exanodes makes it possi- 
ble to rebuild RAIDs very quickly, so that 
even a full terabyte of data may be rebuilt 
in less than an hour. 



il 



improving the performance of SATA drives broadest range of SATA and SAS 



From entry-level to ur Unified Serial™ RAID controllers make Find out more about the industry's 

enterprise Storage, Adaptec improving the performance of SATA drives 

has the Widest Choice Of easv > provide the most advanced data 

Controllers for SATA and SAS protection, and offer the widest choice for 



easy, provide the most advanced data 



drives on the market today. 



PCIe, including industry-first 12- and 16- 



port PCIe controllers. 



controllers from a single supplier at 
www.adaptec.com/offerl613 or 



contact Adaptec sales at 



adapted 

www. ada ptec. com/of fe rl613 



Copyright 2007 Adaptec, Inc. All rights reserved. Adaptec and the Adaptec logo are trademarks of Adaptec, Inc. which may be registered in some jurisdictions. 
All other trademarks and logos used are owned by their respective owners. Adaptec, Inc., 691 South Milpitas Boulevard, Milpitas, CA 95035 
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Elizabeth Millard 

Know Your Backup Was Successful 

Backup Verification Options For SMEs 
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Physical Infrastructure 



Thermostatic Fan Control 




ISC 



Extend Your Equipment Life 

The Thermostatic Fan Control 
extends both equipment and 
fan life by varying the fan 
speed based upon tempera- 
ture. The fan control has three 
temperature ranges (80°-90°, 
85°-95°, 90°-100°) and can be 
set to operate the fan speed 
either proportional to tempera- 
ture, or to come on full speed 
when temperature threshold 
has been reached. The fan 
control can be mounted to rack- 
rail brackets or any flat surface. 



Information Support Concepts, 

Information Support Concepts Inc. 

(800) 458-6255 
www.iscdfw.com 



Physical Infrastructure 
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Coaxial Connectors Line 

Gerber Electronics is an authorized dealer of 30+ product lines 
and independently stocks many others in our 90,000 square 
foot warehouse. As a distributor for Corning Gilbert, our prod- 
uct line includes: 



• Pin Type Connectors 

• Splice Connectors 

• BAFF Connectors 

• KS Male/Female Adapters 

"Our Greatest Component is your Satisfaction" 



• F Series Accessories 

• Fiber Entry Connectors 

• Cable Assemblies 

■ Tools and Accessories 




Gerber Electronics 

(781)769-6000 
www.gerberelec.com 



Physical Infrastructure 



Clean Agent Pre-Engineered System 




• Cost-effective waterless fire 
protection for server rooms, 
telecommunications, data and 
document storage rooms, con- 
trol rooms, healthcare facili- 
ties, irreplaceable collections, 
and many more high value or 
critical assets 

• Industry innovation resulting 
in simplified system design 
and installation 

• System flexibility in a pre- 
engineered package 



Amerex Corp. 

(205) 655-3271 
www.amerex-fire.com 



Physical Infrastructure 




LCD Integrated Console & MasterView KVM 

• Includes eight-port KVM switch and a rack console with a 
keyboard, 17-inch LCD, and touchpad 

• Control up to 512 PCs from a single console 

• No software required— PC selection via front panel switch- 
es, hotkeys, or OSD (on-screen display) 

• Hot pluggable— add or remove PCs for maintenance without 
powering down the switch 

• Easy installation 



ATEN 

Simply Better Connections 



ATEN New Jersey 

(732) 356-1703 



ATEN Technology Inc. 

(888) 999-2836 ext. 3100 



www.aten-usa.com/CLCS91 38MKIT 



Physical Infrastructure 




Power Watch & Enviro Watch 

Remotely Monitor Rack Level Power, Temp & Humidity 
Enviro Watch 

• 8- and 16-port models 

• Each port connects to either a PDU or temp/humidity sensor 

• Intuitive browser interface for monitoring and administration 

• Set thresholds for email alerts, view graphs, or log data 
Power Watch 

• Vertical and horizontal rack PDUs up to 60 amps 

• Dual-corded models for redundancy or high density 

• Programmable LCD meter with local alarm 

• RS-232 port to communicate with Enviro Watch 



Data Watch 

(866) 325-1121 
www.data-watch.com 




Physical Infrastructure 




Meets any 
price! 



CoolCube 10 

RACK IT - STACK IT - MOUNT IT - HANG IT 
Tired of Overheated Server Rooms? The CoolCube 10 
Offers an Exceptional Cooling Solution for Electronics 

50% smaller than competitors, provides 10,000 btu/hr 
Installs into any 2- or 4-post 19" rack or is portable in room 
Automatic restart function for power outages 
Cost-effective for after-hours and weekend cooling 
Uses standard 1 15 VAC power source 



RACKMOUNT 

SOLUTIONS, LTD 

where customer service matters 



Rackmount Solutions Ltd. 

(866) 207-6631 
www.rackmountsolutions.net 



Physical Infrastructure 



Air Conditioned Server Cabinet 

• From 1 ,800 to 10,000 BTU 

• Rackmount and Sidemount 

• Three sets of L-shaped 
universal vertical rails 

• Base, casters, and leveling 
feet standard 

• Removable side panels 

• Lexan front door (or solid 
steel) w/ lockable handle 

• Steel rear door with lockable 
swing door handle 

• Avail, in heights of 24u, 30u, 
35u, 40u, 42u, 44u, 48u; 
depths of 24", 30", 36" and 
42"; widths of 19", 23"&24" 




RACKMOUNT 

SOLUTIONS, LTD 

where customer service matters 



Rackmount Solutions Ltd. 

(866) 207-6631 
www.rackmountsolutions.net 



Physical Infrastructure 



NETWORK Series Network Rack 



Need a COMM rack with the 
rack rails moved to one side 
to accommodate large cable 
bundles? 

You have the option to slide 
your vertical rack rails hori- 
zontally as well as vertically. 
Set your rackmount width to 
19 or 23 inches. Talk about 
versatility! 

Slide the rack rails to one 
side of the cabinet, allowing 
for additional 4 to 9 inches, 
of space on the opposite 
side to run large cable 
bundles. 



Rackmount Solutions Ltd. 

(866) 207-6631 
www.rackmountsolutions.net 




RACKMOUNT 

SOLUTIONS, LTD 

where customer service matters 



Physical Infrastructure 



Rackmount Enclosure Cabinet 



19" Enclosure 

42 U x 36" Deep 

4 Mounting Rails 

Front and Rear Lockable 

Doors, choice of Solid, 

Tempered Glass, or 

Perforated 

2 Removable and Lockable 
Side Panels 
4 Dual Wheels 

On sale and ready to go! 




^ hergo 



TECHNICAL 
WORKSPACE 
SOLUTIONS 



Hergo 

(888) 222-7270 
www.hergo.com 



Physical Infrastructure 



Technical Furniture 




x> hergo 



TECHNICAL 
WORKSPACE 
SOLUTIONS 



• 72"H x 30"W frame and leg 
assembly on flat levelers 

• (2) 30"W x 18.5"D mounting 
shelves 

• 30"W x 25"D leg mounted 

• Set of 1 9" rackmount brack- 
ets— 3.5"H x 1 2"D 

• (2) 30"W horizontal alu- 
minum tracks for mounting of 
flat panel monitor, keyboard, 
and mouse tray 

• Power/cable management 

• Optional locking and non- 
locking casters 



Hergo 

(888) 222-7270 
www.hergo.com 



Physical Infrastructure 



4 Post 19" Relay Rack 




§ hergo 



TECHNICAL 
WORKSPACE 
SOLUTIONS 



Vertical Mounting Space: 
12U,26U, 42U 
Offered in 3 Depths: 
24", 30", 36" Deep 
4 Heavy-Duty Steel 
Uprights 
4 Gliders 

Ships Knock-Down 
Easy to Assemble 



Hergo 

(888) 222-7270 
www.hergo.com 



Physical Infrastructure 



24 Receptacles 



LCD Display 
RS232 Access 

RPC 22 

24 Receptacle Remote Power Monitoring & Distribution 

Current, Voltage, Power, and Temp Monitoring 
LCD Screen Display 

RS232 Interface 120/208VAC 10,20,30A Models 
Power Distribution and Monitoring In One Unit 



BayTech 

(800) 523-2702 
www.baytech.net 
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Physical Infrastructure 



Transfer Switch 




4 receptacles 
per side 



RPC18 

8 Receptacle Power Control / Monitoring w/Trans Switch 

• Current, Voltage, Power, and Temp Monitoring 

• Automatic Transfer Switch 

• RS232 or Network Interface 120/208VAC 10, 20, 30A Models 

• Turn On, Off, or Reboot any or All Receptacles 



BayTech 

(800) 523-2702 
www.baytech.net 



Physical Infrastructure 



Galaxy Series 3-Phase Power Distribution 

• Single or Dual Input Cords 

• 2 Pole Circuit Breaker Protection 

• Horizontal Format 

• 208-240V 3-Phase Input at 20A, 30A, or 50A 



CYBER® SWITCHING 



® 



Cyber Switching 

(888)311-6277 
www.cyberswitching.com 



Physical Infrastructure 



Enterprise View CDU Manager 

Remote management of STI Sentry PDUs over IP 

View your entire system from Global View down to the rack 

level 

Centralized event logging with extensive logs and reports 
Thermographic mapping shows a visual depiction of hot 
spots in your data center 
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Server Technology, Inc 



Server Technology Inc. 

(800) 835-1515 
www . se r ve rtec h . co m 
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EliteRAID ER104I - Expandable SATA to iSCSI 

Revolutionary 4 + 4 form factor. 

Expanding up to 8 drives with ES104T, MS4T and MS2T or 
other eSATA JBOD unit with eSATA connection 
Dual Gigabit LAN supporting MPIO, up to 200MB/S. 
Supports RAID 0, 1 , 3, 5, 6, 30, 50, 60, and JBOD. 
Simple setup via easily accessible web interface. 
Supports the latest 1TB hard drive. 



ANS 
IGITAL 



www.sansdiqital.Corn 



Sans Digital 

(562) 949-1988 
www.iscsinas.com 



Physical Infrastructure 





RS232 Access 
8 Rebootable Receptacles 

RPC14 

8 Receptacle Power Control and Monitoring 

Current, Voltage, Power, and Temp Monitoring 
LCD Screen displays power monitoring information 
RS232 interface, 120/208VAC 10,20,30A Models 
Turn On, Off, or Reboot any or All Receptacles 




UUL 



BayTech 

(800) 523-2702 
www.baytech.net 



Physical Infrastructure 




Modular 3-Phase Power Distribution 

Designed to take a 3-Phase in-feed and distribute single 
phase power via Basic CDUs that can be placed anywhere in 
the cabinet. Each Basic CDU has an associated LED meter for 
simple load balancing. The Master unit contains the LED 
meters, temperature/humidity probe input, serial connection, 
IP connection, and exclusive link port to connect an expansion 
CDU for linking together CDUs on different power circuits. 



Server Technology Inc. 

(800) 835-1515 
www . se r ve rtec h . co m 
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Physical Infrastructure 




Sentry 30-A Fail-Safe Transfer Switch 

Provides fail-safe redundant power to single-power corded 
equipment 

Fast Transfer Rate— Power interruption will not affect equip- 
ment uptime or performance 

Patented arc-suppression and power in-feed sharing tech- 
nology extend product life and performance 
High Density— 100 to 240V and 16/32A 
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Server Technology/ Inc. 



Server Technology Inc. 

(800) 835-1515 
www . se r ve rtec h . co m 



Storage 





R8 IP Series- Dual GbE iSCSI 

2U 8-Disk High Performance RAID Storage 

ioStor™, the place for simple and secure storage solutions, 
introduces R8IP series, a RAID embedded network storage 
designed to meet small & medium businesses needs. 
Featuring 8 hot swappable SATA l/ll HDD, supports RAID 
0,1 ,3,5,6, JBOD and online storage management and comes 
with completely integrated service pack to ensure your 
investment. 



www. i os tor .com 



Store Simple & Secure 



ioStor 

(909) 297-1698 
www.iostor.com/R8IP 



Physical Infrastructure 



Classic Series - Portable Air Conditioning 



OO 
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Ideal For: 

• Server Rooms 

• Electronic Equipment 

• Primary, Supplemental, or 
Emergency Cooling 

Featuring: 

• Rentals and Sales 

• Installs in Minutes 

• Locations Nationwide 

MOVINCOOL 

PREFERRED DISTRIBUTOR 

Mwmcoa. spotcoa ana owee Pro aw 

rSfliSlSrKl tr*rtHiwfe til HI NJiO Dirpmilmii 



Atlas Sales & Rentals. Inc. 

THE PORTABLE COOLING & HEATING SPECIALISTS 

Atlas Sales & Rentals Inc. 

(800) 972-6600 
www.atlassales.com 



Physical Infrastructure 



Switched CDU CW-24V2 




Server Technology, Inc. 



Power cycle individual or 
groups of outlets to remotely 
reboot network devices. 

• 208V to 240V Single or 3- 
Phase power at 20 or 30A 

• Access and Security: Web 
interface, SSL, SSH, Telnet, 
SNMP, LDAP, TACACS+, 
and RS-232 access 

• Environmental Monitoring 

• Fuse Retractor 

• High-Density 24 IECC1 3 



Server Technology Inc. 

(800) 835-1515 
www . se r ve rtec h . co m 



Physical Infrastructure 



$1 ,900 

New Product! 




Rackmount LCD Drawer With KVM Over IP 

i-Tech Superstore for Rackmount LCD Console Drawer 

• 15", 17", 19", and 20" is also available 

• Optional with 8/16 ports KVM 

• New integrated with Remote Access via CAT5 and via IP 

• New SUN Solaris Rackmount Keyboard 

Free ground shipping for all rackmount LCD KVM drawers 



l-TECH 

COMPANY 



4DUNT SOL 



i-Tech Company 

(888) 483-2418 
www.i-techcompany.com 



Networking & VPN 




DS1M12 Stingray Multi-Function Instrument 

Powered from USB, Stingray needs no external power sup- 
ply. Stingray combines the functions of Oscilloscope, Data 
Logger, Spectrum Analyser, Volt Meter, Frequency Meter, and 
Signal Generator in a single instrument. Stingray features simul- 
taneous 12-bit sampling on both channels, a native sampling 
rate of 1 MS/s (20MS/S repetitive signals), and sophisticated 
hardware triggering, including delayed time base pulse width. 



Mil" 

EasySYNC 1 



EasySync 

(503) 547-0909 
www . easysy n c- ltd . co m 
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REVIEW . 



Comprehensive Source 
For Information Security 



"Computer Forensics" 
Presents Hands-On Examples 



by Elizabeth Millard 
• • • 

Data breaches and cyber attacks have 
become distressingly frequent, and many 
companies have found 
themselves under fire, 
despite stringent security 
measures. What's less 
publicized is the cleanup 
and documentation re- 
quired after the attacks; 
some companies and col- 
leges spend years putting 
together the information 
that's needed to go after 
attackers or shore up 
their defenses. 

Part of the problem, 
believes John Vacca, 
author of "Computer Fo- 
rensics: Computer Crime 
Scene Investigation (Sec- 
ond Edition)," is that 
there's a shortage of 
technologists with a 
working knowledge of 
computer forensics. Aca- 
demics who are teaching 



COMPUTER 
FORENSICS 

Computer Crime Scene Investigation 

SECOND EDITION 




Computer Forensics: 
Computer Crime Scene 
Investigation, Second Edition 

Author: John Vacca 
Publisher: Charles River Media 

Price: $49.95 
Format: Soft cover, 832 pages 



the topic lack real-world knowledge, he 
notes, and there aren't enough security spe- 
cialists who are well- versed in the topic. 
But the times are changing, he writes. Not 
only are more IT peo- 
ple interested in foren- 
sics, but the growing 
discussion among law- 
yers, judges, and govern- 
ment agencies should 
boost the topic to the 
fore. 

Thorough, 
Hands-On Guide 

In the meantime, for 
anyone wishing to get a 
jump on the emerging 
field, Vacca' s book is a 
useful and very thorough 
guide including hands-on 
examples in the form of 
case studies, projects, 
and checklists to provide 
readers with practical 
experience in compu- 
ter forensics evidence 
capture, analysis, and 



reporting, as well as information warfare 
countermeasures . 

An accompanying CD-ROM contains 
tools that help readers analyze their expo- 
sure to security risks, manage insider- 
driven risks, and put into use the practical 
information contained in the book, such as 
evaluating the strength of user passwords 
and selecting a firewall topology. 

Comprehensive Overviews 

Vacca, who has served as a computer 
security official with NASA, is intent on 
creating the most comprehensive tool for 
computer forensics available, and to a large 
extent, he succeeds. Not only does he out- 
line the types of computer forensics tactics 
available, but the book is also a good 
primer for security in general. Those new 
to the field can first get an overview of 
intrusion detection systems, firewalls, stor- 
age-area network security strategies, and 
wireless network security. 

From there, tactics for forensics abound, 
from duplicating and preserving digital 
evidence to identifying relevant data to 
fighting macro threats. Throughout, the 
material is presented in bite-sized para- 
graphs that lay out the information in 
straightforward, easily digestible bits. 
Every company is at risk for attack, he 
posits, but with some knowledge about 



Key Concepts 

y From the moment a computer is recog- 
nized as compromised, documenting should 
begin. 

y Documentation should hold to a general 
standard: If someone with comparable 
knowledge picks up the first examiner's 
notes, he or she should be able to reach the 
same conclusion after following each step. 

y Documentation should include the basic 
who, what, when, and where criteria. 

y Companies have to keep track of their dam- 
ages when responding to an intrusion threat 
for purposes of criminal prosecution, which 
includes costs associated with detection, 
repair, and prevention of future intrusions. 

y To keep logs from being destroyed by 
malicious intrusions, system operators can 
output some logs to a CD-ROM device; this 
can be a more expensive route but will fre- 
quently offer greater security. 

y Two separate backups of every relevant 
file and image should be made to protect evi- 
dence. The media a company chooses to use 
will depend on size, speed, and cost issues. 

y To ensure that your network connections 
are secure, verify that there are no accounts 
for terminated employees, check for any 
manufacturer default passwords, verify that 
any open ports are disabled, and have the 
mindset of "deny all except that which is 
explicitly stated in the rule set." 

computer forensics, an organization can 
minimize potential damage, and it can 
even facilitate data recovery in a more 
effective way. 



Networking & VPN 




Prices starting at 

$1 ,499 

with no per-port or per-server license fees. 



Barracuda Load Balancer 

The Barracuda Load Balancer integrates server load balanc- 
ing and network intrusion prevention into an affordable and 
easy-to-use network appliance. Ideal for data centers with: 

• Internet sites with high traffic requirements 

• Hosted applications using thin-client architectures 

• Other IP services requiring optimal performance 



ARRACURA 

NE TW DKS 

Barracuda Networks Inc. 

(888) 268-4772 
www.barracuda.com 



Services 



PoS Sales & Maintenance 




Pegasus Computer 
Marketing, Inc. 



PoS (Point-of-Sale) Barcoding 
/ Scanners / Barcode Printers 

Sales & Maintenance 

• Quality Service 

• Experienced Technicians 

• Fast Return 

• Servicing Major Brands 

Symbol • Intermec • Zebra 
Metrologic • Cisco Access Pts. 

Call Us Today! 



Pegasus Computer Marketing Inc. 

(800) 856-2111 
www.pegasuscomputer.net 



Networking & VPN 



Managed Switch Port Mapping Tool 

Windows software tool that communicates with a managed 
ethernet switch via SNMPv1/v2c and maps the physical port 
connections to MAC and IP addresses of the attached 
devices. 



NorttiWest 
Performance 
Software, inc. 



NorthWest Performance Software Inc. 

(866) 882-3389 
www.nwpsw.com 




Attention Manufacturers: 

Advertise Your Products 
In Processor's Showcase 
Product Directory! 



Proven publication in 
business since 1979 
Color picture 
Detailed, editorial-style 
product description 
Internet exposure via our 
Web site; Processor.com 
Only $176 an issue 




Call Us Today At 
(800) 247-4880 



Iessaging & Telephony 



iMailArchiver 

GFI MailArchiver For Exchange 

• Archive all email to multiple SQL databases and NTFS drives 

• Reduce storage requirements for email by up to 80% 

• End PST by storing email in SQL format or an NTFS drive 

• Provide end users with a single, Web-based location in which 
to search all their past email 

• Advanced email search and Save Search capabilities 

• Restore archived emails through Oneclick Restore 



GFi 



GFI Software Ltd 

(919) 379-3397 
www.gfi.com 
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Making Small Storage Big 



My Vista OS laptop seems to take 
forever to come back from or go into 
hibernation, and sometimes I think I could 
catch a nap waiting for it to boot up. Pro- 
mised accelerators for the Windows OS 
using flash cache storage on hard drives or 
on the motherboard of my computer have 
yet to materialize. Maybe in 2008. . . . 

I know that there are a few other items 
that the guys from Redmond are working 
to fix in Vista first, but I guess I don't have 
much patience. It is often fast- 
er to write something on a 
scrap of paper than put it in my 
computer. Today's Windows- 
based machines could be a lot 
faster. Some of my friends 
with Apple computers speak 
highly of them, but I haven't 
used a Mac myself for several 
years. (I started out with one of 
the original Macs in 1985.) 
Now they can run Windows 
applications, as well. Maybe 
my next computer? 



the Intel Turbo Memory technologies in 
past columns. 

A just-announced product from SanDisk 
called Vaulter is a flash-based, standard- 
sized mini PCI-E module that connects to 
the PCI Express interface inside a PC. Folks 
from SanDisk tell me that the operating sys- 
tem and/or applications can be put on and 
run from the Vaulter, giving faster computer 
response while the hard drive is used for 
mass storage of the data. The product is 



Tom Cough un 



§ Tom Coughlin is the author of numerous 
h authoritative reports on digital storage and 
^ its applications. He is also the founder 
and organizer of the annual Storage Visions 
Conference (www.storagevisions.com) and lead 
consultant for Coughlin Associates, which 
provides digital storage technical and market 
analysis and consulting services. Coughlin is a 
frequent writer and international speaker on digi- 
tal storage and storage applications. You can find 
out more about him at www.tomcoughlin.com. 
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All Flash Is Cache 

So those of us sitting in front of our 
machines waiting to work would love to 
have some options to make things faster. 
Flash-based cache and flash accelerators 
with the operating system are interesting 
options. These are examples of using flash 
and hard drives together to provide a mix 
of a cost-effective mass storage (using the 
hard drive) and higher performance. I have 
written about the Vista ReadyDrive and 



currently available with 8 and 16GB capaci- 
ties, which may work for some applications, 
but not every Vista installation will be able 
to be stored entirely on that size flash mem- 
ory. I look forward to learning more about 
this product in the next few weeks. 

Computing With A One-Track Mind 

The BIOS is an often overlooked but 
very important part of a computer. BIOS 



stands for Basic Input/Output System. It is 
a chip on the computer motherboard that 
performs basic computer functions that 
make the computer operational. The com- 
puter operating system runs on top of and 
uses the basic BIOS functions. In many 
regards, a BIOS is a lot like a small proces- 
sor, similar to those used in many simple 
consumer devices. Several companies offer 
BIOS chips. Among the larger BIOS ven- 
dors is Phoenix Technology. Phoenix 
recently announced a technology that uses 
the BIOS to help launch some applications 
much faster. 
The Phoenix HyperSpace technology is 
built on top of the BIOS and 
should be available on new 
Windows computers within 
nine months. HyperSpace is 
said to allow a computer to 
boot within four seconds to 
a screen where the user can 
do some basic tasks, such as 
running a Web browser or 
launching a DVD movie. 
The product uses "visuali- 
zation" to create separate 
regions of parts of the com- 
puter memory and the hard 
disk to run these simple 
applications. The resulting 
"virtual space" is called AppSpace, where 
users can start preinstalled programs that 
are loaded with the shipping computer 
from the vendor. The Phoenix software 
requires 100 to 200MB of main memory. 
The technology costs about $10 per 
license. 

While the user uses the application run- 
ning in his AppSpace, Windows Vista con- 
tinues to boot in the background. The user 



will be able to switch to Vista by pressing 
the F4 key. Examples of programs that 
could be run in AppSpace are Linux-based 
movie players, an Internet phone, instant 
messaging, email, or a Firefox Web brows- 
er. If all you want to do is watch a DVD 
movie, then you can choose not to boot 
Vista, which can save on laptop battery life, 
reportedly adding up to an hour of extra 
battery life. 

AppSpace is also said to provide a "sand 
box" for new feature development separate 
from the main OS. Because this area only 
runs safe and secure programs, it prevents 
hackers from taking over the rest of the 
computer. Security vendors and computer 
administrators could use a part of App- 
Space called ManageSpace to improve a 
computer's security or otherwise perform 
maintenance from afar. 

What Condition My Condition Was In 

There is a crying need for technologies 
that speed up the performance of computer 
systems. As we put more content with 
higher resolution on these devices, access- 
ing and using this content becomes a big- 
ger challenge. The idea of using only the 
computer resources needed to perform 
individual functions makes a lot of sense to 
me. So does the idea of using different 
sorts of storage products together to pro- 
vide a better overall user experience. Com- 
bining effective storage hierarchies and 
virtualization solutions on computers in 
general should result in better machines. 
Keep on computing, and best wishes for 
the New Year! 

Send your comments to 
torn @ processor, com 
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C6751A OfficeJet K80XI $85 Q1273A 

C8392A 71 1 0XI AIO $1 45 C1 31 6A 

C9660A LaserJet 4600 $750 Q5916A 

DesignJet 1 550CM+ 36" $6,995 C6074B 



^C6075B 



Color LaserJets 

LaserJet 8500DN $1 ,895 

LaserJet 8000DN $495 

LaserJet 4600DN $750 

LaserJet 2500L $345 

LaserJet 4550N $545 

LaserJet 4550DN $650 

LaserJet 8550DN $1 ,495 

LaserJet 5500N $2,350 

LaserJet 9500N $4,750 

LaserJet 9500HDN $5,500 

LaserJet 5500DTN $2,495 

LaserJet 5500HDN $2,795 

LaserJet 3500N $695 

LaserJet 3700N $1 ,295 

LaserJet 1500L $395 

LaserJet 4650DN $2,095 

LaserJet 2550L $275 

LaserJet 5550DTN $3,375 
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Plotters 

DesignJet 750C+ 36" $1 ,895 

DesignJet 755CM 36" $2,095 

DesignJet 800PS 42" $4,795 

DesignJet 1055CM 36" $4,995 

DesignJet 2000CP 36" $1 ,995 

DesignJet 5000PS 42" $5,295 

DesignJet 5500PS 60" $1 1 ,995 

DesignJet 4000PS 42" $10,995 



Call for all New and Used 
HP Equipment! 



• All above equipment is refurbished and 
carries a 90-day parts & labor warranty. 

• Visa, MasterCard & American Express accepted. 

• Many orders shipped the same day! 
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DesignJet 4000 42" $8,995 

9100C Digital Sender $1,195 

9200C Digital Sender $1,975 

DesignJet 1050C+ 36" $5,495 

y 

LaserJets 

LaserJet4 $175 

LaserJet 4+ $195 

LaserJet 4M+ $325 

LaserJet 5SI $495 

LaserJet 5SI MX $495 

LaserJet 5 $250 

LaserJet 5M $295 

LaserJet 5000 $695 

LaserJet 4000 $295 

LaserJet 4000N $325 

LaserJet 4050T $395 

LaserJet 4050TN $445 

LaserJet 8150 $595 

LaserJet 81 50N $595 

LaserJet 81 50DN $795 

LaserJet 41 00 $495 

LaserJet 41 00N $595 

LaserJet 41 00TN $695 

LaserJet 41 00DTN $895 

LaserJet 9000DN $2,795 

LaserJet 9000MFP $4,795 

LaserJet 3300MFP $325 

LaserJet 41 00MFP $1,295 

LaserJet 51 00 $895 

LaserJet 51 00TN $1,095 

LaserJet 4200 $695 

LaserJet 4200N $795 

LaserJet 4200DTN $1,295 

LaserJet 4300N $1,095 

LaserJet 9050DN $2,995 

LaserJet 4345MFP $2,250 
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www.360tech.com 
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Your Complete Resource For Printing Equipment And Accessories 



Phone: 614-444-4438 
Fax: 614-449-5649 
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HP 450C Mobile 


• Large Variety of Name Brand Printers 

• Confirmed Orders and Tracking 

• Refurbished 

• New 


HP1320N 
HP 2430TN 
HP 4350TN 
HP 2840MFP 


• Factory Refurbished 
^^^^^ • Quantity Discounts 


HP 9050MFP 
HP 5550DN 




HP 9200C 




Lexmark E342N 




Lexmark C920 




Lexmark C760N 




Lexmark T640N 


We are an authorized reseller for New and Refurbished HP, IBM, Oki Data, and Lexmark Printers 


Call for our complete list of printers and accessories! 




Toll Free: 888-883-0360 Tel: 512-266-7360 Fax:512-266-7366 IM:HPat360 



Thanks to DMD, we 
don't have to sit on 
our old computer 
equipment anymore. 



When it comes to IT equipment 
liquidation or disposal, we are 
serious. Let us worry about data 
security and destruction, EPA 
regulations, transportation, down 
time and insurance. Don't tie up 
your resources or take chances with 
your data or environmental issues. 

Call DMD today! 
(877) 777-0651 



We Purchase: 

Computers/Laptops 
Networking Equipment 
Power/Environmental 
Telecom/ Network 
Complete Data Centers 
Printers 



We Offer: 

Asset Tracking/Reporting 

Deinstallation/PackingATransport 

DOD Level Data/Mechanical Destruction 

EPA Recycling/Reuse 

Ongoing Support Plans 

Technology Refresh/Install Programs 



Find out why some of the top U.S. companies and Government 
Agencies call DMD Systems Recovery. 



DMD SYSTEMS RECOVERY, INC. 

A Slightly Different Company™ 
Toll Free: (877) 777-0651 Phone: (602) 307-0180 Fax: (602) 307-0U 
Internet: www.dmdsystems.com 
Providing QUALITY GOODS and SERVICES for Industr 
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NAID 

Member of AFCOM, Better Business Bureau, Chamber of Commerce. HP Authorized. Member of NAID (National Association for Information Destruction, Inc.) 
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Product of the Week 



ATEN Eases Server 
Management For SMEs 



KVM Switch Provides Secure 
Local & Remote Access 



by Curt Harler 
• • • 

When the time comes that IT needs to 
reach out and touch a computer, whether in 
the building or at some remote location, the 
KN2116 from ATEN Technology (888/ 
999-2836; www.aten-usa.com) lets them do 
just that. The newest members of ATEN's 
family of enterprise-class KVM solutions 
are the KN2108/2116 CAT 5 KVM solu- 
tions. They are available in 8- and 16-port 
units with over-IP access and support for 
RADIUS servers. They support lOBase-T, 
100Base-T, TCP/IP, and HTTP. ATEN 
calls its line the ALTUSEN enterprise-class 
KVM solutions. 

"KVM switches are excellent tools for 
reducing enterprise costs and improving IT 
efficiency for organizations of all sizes," 
says Andre Girard, analyst with Venture 
Development Corp., aka VDC (www.vdc- 
corp.com). "These devices can significantly 




ATEN 

Simply Better Connections™ 



ODUCT OF THE W 



ATEN 

Technology 
KN2116 

Description: Enables SMEs to manage 
servers and other network devices either in 
their data centers or from remote locations 

Interesting fact: ATEN says it is the largest 
KVM manufacturer in the world. 

(888) 999-2836 
www.aten-usa.com 



conserve valuable data center space, lessen 
personnel costs, make server management 
more effective, and reduce costly downtime 
for enterprises," he says. 

Spotlight On Features 

"The KN2116 is a good choice for racked 
servers that are accessed via remote IP from 
the outside, as well as where local console 
access is also needed," says Keith Renty, 
business and product development manager 
for ATEN. "It also is useful for satellite 
offices, isolated server closets, and certain 
retail or manufacturing environments." 

The KN2116 supports 16 computers 
directly with discrete simultaneous 
access by two remote users and one 
local user, so three different computers 
may be viewed or controlled at once. 
Multiple KN2116s can be cascaded up 
to three levels with other compatible 
ATEN KVM switches to control up to 
1,024 computers, although separate IP 
access to noncascaded switches may be 
preferable for greater user throughput and 
to avoid switch-to- switch cabling. 

Two IP users may select a different target 
computer, and up to 32 remote IP users can 
log in concurrently. Multiple users can share 
access to the same computer for collabora- 
tion, troubleshooting, or training. 

The KN2116's PON (Power over the 
Net) serial port connects to various ATEN 
PDUs so power can be remotely controlled 
for connected servers or other devices. This 
is useful in power cycling a locked-up plat- 
form, Renty says. It is also handy for bring- 
ing dormant backup machines online. 

Connection to the computers is via low- 
bulk CAT 5 cabling with server interface 
modules, or "dongles." According to 
Renty, "This allows the switch to accom- 
modate computers with various video con- 
nections, as well as those with PS/2, USB 
(for PC, Mac, and Sun), Mini DIN-8 Sun, 
and RS-232 ports." Computers can be up to 
130 feet from the switch. 

It is no surprise that the KN2116 has 
excellent video resolution and multisession 
visual capability. Remote users can take 
control using either the provided Windows 



client or a standard Web browser running 
ATEN's Java client. There is no charge for 
client software, Renty notes. The client 
ensures that remote access to the KN2116 
is platform-independent. It allows operators 
to exchange keyboard, video, and mouse 
signals with computers attached to the 
KN21 16 as if they were present locally. 

The KN2116's detachable front panel 
connects to the rest of the switch via a 
coiled cable. "This allows the various indi- 
cators and the manual port selector switches 
to be at the front of a deep rack, where they 
are easy to see/use, while the connectors 
can be mounted to the rear rails for easy 
cabling access," Renty says. The unit's 




front and rear panels can be mounted to the 
same set of rails, useful in a single-rail, free- 
standing, datacom-type rack, he adds. 

Enhanced Security 

The unit has trilevel security with super- 
administrator, administrator, and user class- 
es of access. There can be up to 64 users 
with unique names and passwords and 
unique server access. 

The administrator- set automatic logout 
feature automatically logs out any user 
after there is no activity for a specified 
interval. This prevents a distracted remote 
user from tying up port access and removes 
a potential security breach. The admin can 
also limit the number of login attempts. 
The switch's log server function allows the 
admin to install a log file on any server. All 
events that take place on the switch are 
then written to a searchable database. 

"Lost admin passwords can only be 
recovered locally, which reduces the chance 
of mischief from an external IP connec- 
tion," Renty says. Online, the system sup- 
ports strong security with passwords and a 
choice of 1,024-bit RSA, 56-bit DES, or 
256-bit AES encryption, as well as 128-bit 



SSL, among other protocols. The admin can 
set IP and MAC filters (up to 100 each) to 
restrict access to specific hardware plat- 
forms and from specific network locations. 

Success Now & In The Future 

ATEN has several new KVM models 
with varying numbers of ports (up to 40 per 
1U chassis), varying numbers of users, as 
well as other enhancements, which the 
company will announce next year. 

"ATEN is one of the big three in the 
global KVM market, along with Avocent 
and Raritan," VDC's Girard notes. "They 
have gained significant market share in the 
past couple of years." 

Girard points to ATEN's low-cost manu- 
facturing ability in Asia as one of the rea- 
sons it is doing well. "They are strong in 
the enterprise market," he says. 

The company is ISO 9002-certified. It has 
a facility in Taipei, Taiwan, that operates 
advanced surface mount technology equip- 
ment and a state-of-the-art computerized 
warehouse. ATEN's multiangle Automated 
Optical Inspection system provides quality 
control for PCB (printed circuit board) sur- 
face, solder joint, and component defects. 

Still, ATEN may see heavy competi- 
tion from what Girard calls "disaggre- 
gated" units — those remote-manage 
consoles that offer one-to-one device 
management. These units require no 
rack space, and their form-factor often is 
a dongle hanging off the server. "The 
industry is moving toward embedded 
management," Girard says. 
ATEN's answer is its CAT 5 port that 
improves cable management through the use 
of thinner cables, reducing clutter in the rack. 
"The KN2116 is an economical and power- 
ful solution for server management in small 
to medium- sized enterprise data centers, as 
well as satellite offices and isolated server 
closets," Renty says. "It supports almost all 
modern hardware platforms and operating 
systems and provides both local and remote 
accessibility with no need for additional 
hardware or software purchases." 



ATEN KN2116 
Quick Stats 



Number Of Ports: 16, can be cascaded to 
1,024 

Users: 32 remote IP users simultaneously 

Shelf Space: One rack unit high 

Security: 1 ,024-bit RSA, 56-bit DES, or 256- 
bit AES 

Software: Java client included 

Supports: 10Base-T, 100Base-T, TCP/IP, 
and HTTP 
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HP Color LJ 
4700DN 
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HP LJ 4250N 
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HP LJ 9000 
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Over 150 different HP LaserJet printer models in stock! 

Buy your HP laser printers from the industry leader. When you purchase 
a printer from GPS you are buying the best refurbished printers available. 
We offer a one year warranty on printers and free technical support for 
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Reining In Users ' 
Network Activities 



Three Steps To Enforcing 
Acceptable Use Policies 

by Sandra Kay Miller 
• • • 

Sending jokes to friends and co-work- 
ers, doing some online shopping, listening 
to streaming music, checking the weather 
and Web-based personal email accounts — 
all fairly innocuous activities that millions 
of employees do each day during working 
hours. The reality is they are using corpo- 
rate assets, including computers, email, 
bandwidth, the Internet connection, and 
perhaps most importantly, time. 

Increasingly, organizations are put at 
risk and have even become liable for the 
online behavior of the users. Lawsuits 
from inappropriate emails and hours lost to 
personal online use, such as Fantasy 
Football, are costing employers millions of 
dollars each year. 

However, lost productivity has been 
eclipsed by significant financial risks and 
security issues. Panda Security (www.panda 
security.com), an antivirus and antispyware 
vendor, has found in its research that nearly 
40% of all Internet browsing at work is per- 
sonal and that two out of three visits to sites 
hosting pornographic materials occur during 
business hours. These sites, along with P2P 
applications, are often launching points for 
malicious code and spy ware. 

The growing propensity for litigation 
due to inappropriate employee use of cor- 
porate email, such as sending sexually 
explicit or racist materials to co-workers 
and external recipients, has also driven 
employers to crack down on the content of 



nonwork-related materials sent through the 
company Web server. 

In an effort to rein in the use of corporate 
resources, many organizations are instituting 
acceptable use policies. Charles Thompson, 
manager of sales engineering for Network 
Instruments (952/932-9899; www. network 
instruments.com), says there are three basic 
steps to setting up and enforcing an accept- 
able use policy. 

Step One: The Type 

First, organizations need to define the 
type of acceptable use policy they want to 
deploy. Thompson has seen policies scale 
from the very lenient to the extremely 
strict. Lenient policies typically limit the 
acceptable use of the network to only non- 
offensive material, meaning that a user is 
welcome to browse Web sites, such as 
those for sports and hobbies, as long as the 
content of those sites is not considered 
offensive. A more stringent policy focuses 
on allowing company equipment and re- 
sources to be used to only access work- 
related materials. 

"It's going to be a decision based upon 
what the organization wants their liability to 
be. Obviously, the more restrictive the poli- 
cy, the less liability for potential lawsuits. 
Additionally, from a technology perspec- 
tive, the more restrictive the policy, the less 
bandwidth that needs to be made available 
to the overall network because there will be 
less contention for network resources from 
nonwork-related resources (i.e. streaming 
audio and VoIP)," says Thompson. 

"When a large number of workers sud- 
denly access online material, for example a 
Britney Spears video on YouTube, they 



create a massive bandwidth demand on the 
company's network that everything just 
screeches to a halt," says Andrew Lochart, 
vice president of marketing for St. Bernard 
Software (www.stbernard.com), a provider 
of appliance-based and hosted security 
products. 

During the initial process of setting up an 
acceptable use policy, organizations need 
to examine both liability and resource con- 
sumption perspectives. 

Although a more restrictive policy may 
sound better at first, Thompson warns that 
tight controls require more resources for 
monitoring and enforcing policies. Orga- 
nizations are also finding that allowing 
employees to access online resources for 
personal use at the office can actually cut 
down on the time they spend away from 
their desks. "If they can shop online at 
their desk at lunch, they might be there for 
an important telephone call that benefits 
their company or not get stuck in traffic 
on their way back to the office," notes 
Thompson. 

Step Two: Enforcement 

Once an organization has defined the 
type of acceptable use policy it will use, it 
needs to choose how to enforce the policy. 
There are two types of enforcement: active 
and passive. With an active policy, technol- 
ogy is in place providing content filtering 
of network traffic. When a violation occurs, 
an administrator takes action to ensure the 
activity is discontinued. 

Solutions for active enforcement use a 
variety of technologies, including TCP 
resets or SNMP set commands and proxy 
servers for access control that will allow or 
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deny traffic based upon white/blacklists. 
Admins can block access outright or termi- 
nate it once they identify it as unacceptable. 
Thompson routinely witnesses organiza- 
tions using a hybrid of the two methods as 
they shoot for an active enforcement poli- 
cy. Lochart advocates filtering appliances 
attached to networks for delivering the 
highest performance and scalability for 
active enforcement. 

The alternative is passive enforcement, 
in which administrators observe all net- 
work traffic in the environment and then, 
based upon careful inspection of active 
protocols and applications, they can iden- 
tify potentially harmful and excessive 
traffic that violates the acceptable use pol- 
icy. "I see more and more companies 
choosing a passive approach because it 
allows them to be more relaxed and to 
make effective judgment calls on whether 
or not the material is really work-related," 
says Thompson. 

Step Three: Education 

Any acceptable use policy is meaningless 
unless companies first educate users about 
what is expected of them. "Employees need 
to know exactly what is and isn't accept- 
able," says Thompson. 

Lochart agrees: "A culture of security 
must be cultivated within the company so 
that it's not only the technology providing 
protection but the workers' attitudes, as 
well." Organizations need to be certain 
users understand the policies, and it 
should be enforced equally throughout the 
company. 

Human Resources has made signing off 
on an acceptable use policy a routine prac- 
tice for new employees. These policies can 
be a simple policy with generalized regula- 
tions or an in-depth document defining 
detailed aspects of using corporate assets. 
Forrester Research reports that a quarter of 
U.S. companies surveyed have terminated 
an employee in the last year for violating 
email policies alone. 

Due to rapidly changing technologies, 
Thompson warns against listing specific 
applications. "We've seen organizations do 
well with blanket policies, such as saying 
'any file-sharing applications are prohibit- 
ed.' Once, I saw an acceptable use policy 
where the company said employees couldn't 
use Napster, so they used Bit Torrent in- 
stead," he says. Even with a generalized 
document, there can be exceptions to the 
rules through user compliant documents, 
which state specific terms under which con- 
tent and resources can be accessed to con- 
duct legitimate business. 

Taking the time to set up and implement 
an acceptable use policy is a good invest- 
ment for any organization. By following 
these simple steps, companies can limit 
their risk from the repercussions of un- 
acceptable use, such as harassment law- 
suits, and conserve demands on the corpo- 
rate infrastructure. 



Solutions To Assist With Enforcing Acceptable Use Policies 



Enterasys Secure Networks 
Acceptable Use Policy Solution 

www.enterasys.com 

Network Instruments Gigastor 

(952) 932-9899 
www.networkinstruments.com 

Novell BorderManager 

www.novell.com 

St. Bernard Software i Prism 

www.stbernard.com 





A policy-based solution that secures the network from unwanted applications and protocols 



Captures and stores all transactions, packets, and protocols and delivers robust reports for 
examining traffic and user tracking 

Enforces policies through URL blocking and Web-based proxy monitoring 

An appliance-based solution delivering extensive blocking and user tracking features 
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Pyramid Computer, your leading 
provider of branded appliance solutions, 
now offers our 3 NIC family of PCI cards 
based on Intel chipsets. Available in PCI, 

PCI-X, and PCI express versions. 

Please visit our Web site for more information. 
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Solving 

Storage Overload 



Make A Smooth Transition To NAS 
With Sans Digital 



Zry Sue Hildreth 
• • • 

Early this year, Jeffrey Yao, owner of 
CA Imaging, knew he had a growing stor- 
age problem on his hands. Even before 
the company's one file server began 
showing signs of stress, Yao realized that 
the 3TB of content stored on the server's 
attached hard drives was almost more 
than it could handle. 

"We were using traditional ways of stor- 
ing information — using a regular server 
with multiple hard drives — and we started 
having a lot of bottlenecks," says Yao. 

For example, the server would slow sig- 
nificantly whenever too many users 
attempted to access the images or one 
user printed a very large image. CA 
Imaging — which hosts digital images and 
PDF files for a Taiwanese magazine and 
its U.S.- and Taiwan-based writers and 
designers — was clearly outgrowing its file 
server. 

The Move To NAS 

Yao realized he needed a different stor- 
age solution and in May decided to 
migrate from the old DAS (direct- 
attached storage) model — with drives 
attached directly to the file server — onto 
an NAS (network-attached storage) sys- 
tem. Unlike storage that is connected to a 
server, an NAS appliance is a self-con- 
tained device with its own operating sys- 
tem and file management software. That 
takes the processing burden off of the 
main server. 



"There are about 40 people accessing 
those files all of the time, both writers and 
production people, so we decided it would 
work better to separate the storage onto its 
own NAS server," says Yao. 

The company selected the Sans Digital 
(562/801-2888; www.sansdigital.com) 
AccuNAS AN208L NAS appliance to 
serve as the central storage device for 
the company. The AccuNAS series of 
NAS products is aimed at small and mid- 
sized enterprises. The five AccuNAS prod- 
ucts range from 
the AN104L and 
AN104W (L is for 
Linux-based and 
W for Windows- 
based) with four 
bays and up to 
4TB of storage, to 
the AN208W and 

AN208L with eight bays and up to 8TB 
of storage. 

The units come with either the Linux or 
Windows platform. In Yao's case, he opted 
to go with the Linux system, even though 
CA Imaging is a Windows shop. The reason: 
Linux takes up less overhead, in his view. 

"Linux seems more efficient running on 
the same hardware than does Windows. One 
reason is Windows has a graphical inter- 
face," he explains. "I don't need a Windows 
interface for my NAS server; my front end is 
my Windows server." He also notes that the 
Linux AccuNAS appliances support Active 
Directory Service to enable them to work 
easily in a Windows environment. 
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The AccuNAS provides a Web interface 
for administration. This allows managers to 
monitor and administer the storage from 
any location. It also allows CA Imaging to 
access its custom archival software via the 
Web — a major benefit for small companies. 



Implementation took approximately one 
month, says Yao, and involved moving 
files to the AccuNAS server, testing and 
retesting the system, and, finally, taking the 
new system live. "We had minimal down- 
time," he says. "It took about four hours for 
us to go live. It helped that we had every- 
thing planned out before we did it." 

Of course, that's not likely to be the end 
of Yao's storage purchasing plans. Just as 
file servers can become overloaded, so can 
NAS servers. Yao expects that it won't take 
very long for the existing AccuNAS unit to 
fill up. When that happens, he plans to buy 
additional units and link them, daisy-chain 
style, to the primary AN208L. By con- 
necting them in 
a serial fashion, 
he will be able to 
administer them as 
one storage reposi- 
tory, rather than as 
individual drives 
each connected to 
the central server. 
"I can chain them if we need to expand, 
so I can still centralize the administration to 
one unit, which was something I was not able 
to do with the old architecture," says Yao. 

To improve performance for the Taiwan- 
based production crew and writers, Yao 
purchased a second 208L appliance for the 
Taipei office. Now, all images and informa- 
tional files are copied over to the Taiwan 
appliance each night so that users there can 
access the files locally, via the proxy server. 

Supported Features 

The AccuNAS Linux products also sup- 
port iSCSI, a network protocol that allows 
the SCSI protocol to run over a TCP/IP net- 
work. It enables companies to create inter- 
nal SANs (storage area networks) — in 
which remote storage devices appear as 
local to PCs on the network — without 
the cost of Fibre Channel equipment. 
According to Sans Digital, Fibre Channel 
solutions require the purchase of a Fibre 
Channel card for each server, along with a 
Fibre Channel Switch and Fibre Channel 
storage device, with a cost of around 
$30,000 for the switch and storage solution. 

iSCSI support was a key feature for Yao. 
"That was the primary reason I chose it. 
Fibre Channel would be too much money 



and too much overhead for us. We were 
able to use our existing equipment with 
iSCSI," he explains. 

CA Imaging is now able to provide a 
SAN for local users, as well as a NAS sys- 
tem for remote users connecting over a 
VPN because both are supported by the one 
AN208L device. 

Another problem that had plagued CA 
Imaging' s remote users in Taiwan was the 
slow connection speed from Taiwan to 
the United States. Transferring files over 
the Internet was frustratingly slow. With the 
move to an NAS architecture, Yao also 
opted to purchase a second AN208L unit to 
act as a storage proxy server in Taiwan. 
Once every 24 hours, all of the content of 
the California-based AN208L is replicated 
to the Taiwanese unit. Writers and produc- 
tion workers can then get most of the files 
quickly from the local NAS drive. Only for 
very recent files do they still need to con- 
nect to the United States. 

"With one AccuNAS here and one there, 
we can just replicate the content once every 
day, and they can access that content very 
fast. If the file is too new, they can still get 
it from the U.S., but at a slower speed," 
explains Yao. 

The AccuNAS provides a Web interface 
for administration. This allows managers to 
monitor and administer the storage from 
any location. It also allows CA Imaging to 
access its custom archival software via the 
Web — a major benefit for small companies 
such as Yao's. 

"The whole administration part is done 
with a Web interface. For me, that is really 
convenient when I'm traveling," he says. 
"Before, I had to either be in front of the 
server or use PC Anywhere to access it. Now 
I can easily monitor everything and make 
sure it's the way it's supposed to be." 



Sans Digital 
I AccuNAS Series 

NAS (network-attached storage) servers 
that provide support for RAID-1 and RAID-5, 
0+1 Hotspare, HDD Hot-Swap, and Auto- 
Rebuild; offer remote system monitoring for 
fan status, temperatures, RAID status, and 
HDD status, among other conditions; and 
can send automated email notifications for 
predefined events 

"We had minimal downtime. It took about 
four hours for us to go live. It helped that we 
had everything planned out before we did it," 
says Jeffrey Yao, owner of CA Imaging. 
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Biometrics : 
Is It Time Yet? 



SMEs Are Starting To Get Their Hands 
On The Technology 



by Sixto Ortiz Jr. 
• • • 

It's the kind of stuff that used to be 
found only in science fiction or spy movies: 
devices that use something unique about a 
person, such as fingerprints or the pattern 
of blood vessels on the retina, to positively 
identify an individual and grant access to a 
restricted area or a computer. Today, bio- 
metric devices are quickly emerging from 
make-believe into reality as numerous 
products designed to work with computers 
make their way into the marketplace. 

Perhaps the biggest advantage that bio- 
metrics products offer for computing secu- 
rity is the fact that users don't have to 
bother with remembering passwords or 
access codes simply because these systems 
authenticate based on unique physical 
traits. But biometrics products have not yet 
taken computing by storm, even as the 
need for strong authentication mechanisms 
increases. 

Biometrics Adoption Today 

Even though biometrics offers unique 
advantages for authenticating users, the fact 
remains that these devices are not any- 
where near ubiquitous in the corporate 
world. Even though the technology is avail- 
able for providing convenient identification 
mechanisms that don't require any end-user 
effort to develop and remember, most busi- 
nesses still rely on password authentication 
for managing access to business systems. 

But the tide may be finally turning in 
favor of biometrics devices. Chip Mesec, 
senior product marketing manager for 
DigitalPersona (www.digitalpersona 
.com), a provider of biometric authentica- 
tion solutions for enterprise networks, 
developers, and consumer OEMs, says 
some large enterprises are adopting bio- 
metrics, but SMEs are adopting biomet- 
rics at a faster rate. 

"Larger organizations are often slower to 
adopt new technologies because they have 
longer decision-making, purchasing, and 
deployment schedules," says Mesec. On the 
other hand, he adds, small and medium- 
sized enterprises are rapidly adopting fin- 
gerprint biometrics in retail, financial ser- 
vices, health care, and government as more 
low-cost, embedded solutions become 
available in the marketplace. 



Tucker Lichtenberger, marketing special- 
ist for M2SYS Technology (www.m2sys 
.com), a fingerprint identity management 
technology provider, thinks some business- 
es might be hesitant to adopt biometrics 
products because decision-makers think 
integrating biometrics is a huge undertak- 
ing. "Many businesses believe that they 
will have to invest too many resources to 
integrate biometrics into their systems and 



able to track them or access their personal 
information." 

This fear may be rooted in the fact that 
some fingerprint systems copy the finger- 
print and allow it to be duplicated, says 
Mesec. But these systems, called AFIS 
(Automated Fingerprint Identification 
Systems), are usually associated with law 
enforcement and border protection, he adds. 

Other systems, called non-AFIS, gather 
characteristics of the fingerprint and mathe- 
matically convert those into a set of num- 
bers, says Mesec. These numbers, called 
templates, are much easier to store and 
move around and don't contain all of the 
information from the true fingerprint 
image, so there's no image to lose or steal, 
he says. DigitalPersona' s fingerprint 
authentication systems handle fingerprint 
authentication in this manner, he adds. 

M2SYS' technology also works in this 
manner. The company's biometric software 
scans a fingerprint and then converts the 
image to a mathematical representation of 
the print, so an actual copy of the image is 



One of the perceived problems 
with biometrics is rooted in, quite simply, 
users' sense of paranoia. 



that the initiative could divert focus from 
their core competencies," says Lichten- 
berger. 

At the end of the day, any implementa- 
tion pains may be outweighed by the signif- 
icant advantages biometrics can bring to 
the table. But there are some perception 
issues that the technology must overcome if 
it is to truly step into the limelight. 

Perceived Issues 

One of the perceived problems with bio- 
metrics is rooted in, quite simply, users' 
sense of paranoia. Many people believe that 
fingerprint systems actually store a physical 
copy of a user's fingerprint image, says 
Lichtenberger. "With that being said," he 
notes, "people are worried that by submit- 
ting their fingerprint, 'Big Brother' will be 



Biometrics Products 



never saved. And, he adds, this stored 
"identity template" cannot be reverse-engi- 
neered into the actual fingerprint image. In 
spite of the perceived issues with biomet- 
rics systems, these devices can solve a lot 
of problems for enterprises today. 

Biometrics: The Advantages 

According to DigitalPersona' s Mesec, 
biometrics improve network security by 
eliminating passwords that can be lost, 
stolen, or shared, reducing IT support costs 
by eliminating help desk requests and 
improving regulatory compliance by pro- 
viding user-unique audit trails. 

M2SYS' Lichtenberger says biometrics' 
top benefit is enhanced security, whether 
it's verifying customer identity for secure 
payment transactions, preventing customer 
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or employee identity fraud, or clearing cus- 
tomers for entrance into bank vaults and 
safety deposit boxes. But, he adds, "The 
biggest surge right now in the use of bio- 
metrics is the level of convenience that this 
technology can provide." This is because 
users can simply use their finger to access a 
bank account, for example, instead of hav- 
ing to complete a form or answer a teller's 
questions, he says. 

And, as DigitalPersona' s Mesec puts it, 
the undeniable benefit of biometrics is that 
you can't leave home without it, so lost 
identity cards and forgotten passwords are 
no longer an issue. As Mesec says, "Simple 
trumps complex every time." 

Current Products & Future Developments 

Both DigitalPersona and M2SYS devel- 
op and market tools that can be used for 
developing custom biometric fingerprint 
applications. For example, M2SYS' Bio- 
Plugin can be used to integrate biometric 
fingerprint capabilities into existing sys- 
tems without having to delve into low-level 
SDK integration. For instance, M2SYS' 
Enterprise Biometrics Suite integrates with 
Active Directory to provide secure network 
logon capabilities. 

DigitalPersona' s business product offer- 
ings include the company's DigitalPersona 
Online, a system consisting of client and 
server software to enable fingerprint au- 
thentication for Web applications, and the 
DigitalPersona Pro product line, which 
includes the DigitalPersona Pro Workstation 
Software and DigitalPersona Pro Server 
Software, for providing networked biometric 
authentication at the enterprise level. 

Looking Ahead 

According to Acuity Market Intelligence, 
an emerging technologies market research 
firm, biometrics is expected to enjoy tremen- 
dous growth in the years ahead. Biometrics 
industry revenues are expected to surge from 
approximately $1.2 billion this year to $9.9 
billion in 2015. This forecast represents an 
opportunity for both developers of biomet- 
rics products and business users looking to 
strengthen their authentication mechanisms 
and finally step out beyond passwords. 
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Active Directory 
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Enterprise Biometrics 
Suite 


An enterprise fingerprint login solution that integrates with Active Directory 


Microsoft 

www.microsoft.com 


Fingerprint Reader 


Compatible with Windows Vista, this simple reader lets users log in to their PCs and online 
sites via fingerprint authentication 
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www.secugen.com 


SecuGen Hamster III 


A hardware fingerprint reader compatible with fingerprint-reading software, such as 
SecuGen's SecuDesktop Pro 
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Emerging Technology : 
When Should You Act? 



The 80-20 Rule 



Timing Is A Business Matter, 
Not An IT Driver 



by John Brandon 
• • • 

In the current IT climate, it seems as 
though all technology is "emerging." In 
fact, whether it is IP telephony, video 
over the Web, unified communications, or 
server virtualization, it is hard to know 
when a market has finally fully emerged 
and when it is still in an infant state. 
According to a Gartner report issued in 
early October, called "Justifying Emerg- 
ing Technologies to Business Leaders," 
IT should look to the business side of a 
small to medium-sized enterprise to quan- 
tify whether a new technology is worth 
pursuing. 

In the report, analyst Betsy Burton out- 
lines a strategy for IT that is clear and 
direct: IT should continue in the full transi- 
tion to a service-oriented organization of 
the company and strive to meet the needs 
of the business rather than jump on the lat- 
est technology bandwagon. 

The Gartner plan instructs IT managers 
to start by defining key metrics in the busi- 
ness unit, define best practices and skills 
that match the emerging technology needs, 
develop a clear work plan for the new tech- 
nology, build a culture for the skills needed 
to embrace new technology, and budget 
time for experimentation within IT. All of 



these steps start with the business case for 
the technology. 

"IT needs to focus on the business ef- 
fects, such as increasing sales, creating new 
sources of revenue, increasing speed of 
communication, and on the balance be- 
tween optimizing operations and creating 
business transformation," says Burton in 
the report. "Different emerging technolo- 
gies may be best utilized at different points 
along this continuum. By leveraging a clas- 
sic business practice of scenario planning, 
IT leaders can more clearly understand if 
and how to use emerging technologies." 

Action Planning 

Of course, agreeing with an action plan 
and putting it into action are two different 
concepts. IT has long been positioned as a 
technology leader and innovator. Server 
virtualization is one of the most obvious 
examples where the IT benefits are clear 
(consolidation, lower costs, less complexity 
for some tasks), but the business value is 
not as much of a driving force. In fact, to 
the end user, a virtualized server is no dif- 
ferent from a physical server — which is 
exactly why the technology is so popular. 

Meanwhile, according to Yankee Group 
analyst George Hamilton, the director of 
enabling technologies, a clear example of a 



business case driving technology is with IP 
telephony. For business reasons, such as 
greater productivity for mobile users and 
more flexibility in communication, Voice 
over IP in particular is a great asset. For IT, 
voice communication used to be a matter of 
connecting handsets into a wall outlet and 
configuring the phone system but is now 
much more complex to manage. 

One emerging technology that could test 
the IT and business relationship is virtual 
storage, which matches well with virtual 
server environments and could alleviate 
some of the pain that business units feel in 
storage management but could have a more 
dramatic effect on IT infrastructure. 

Hamilton says IT is still evolving as a 
service organization, and nothing tests that 
imperative like emerging technology. 
Value-added resellers and channel partners 
for SMEs have shown how a service orga- 
nization can operate efficiently, serving the 
"business" needs of IT. Even in a small to 
medium-sized enterprise, IT should act 
more like a VAR when dealing with busi- 
ness units inside the company. 

"Small and medium-sized businesses can't 
afford to make mistakes, which is why they 
rely on VARs and channel partners," says 
Hamilton. "They have a trusted relationship 
that mitigates the risk." Hamilton notes that 
IT needs to forge this same trusted partner- 
ship with the business units, so they can 
adapt and hit the ground running with new 
technology instead of being caught off guard. 



Another dramatic shift that Hamilton pre- 
dicts has to do with the 80-20 rule. Today, 
IT tends to focus 80% of its energies on 
maintenance and 20% on new projects. In 
the changing IT landscape, where high ser- 
vice levels can lead to outsourcing to meet 
business objectives, emerging technology 
could break that 80-20 rule and possibly 
even reverse it. IT could become much 
more experimental with new technologies, 
such as unified communications, if the 
business is demanding it. 

According to Burton, that shift will be wel- 
come because it will force IT to become 
more business-savvy in dealing with busi- 
ness leaders, strategically planning new ini- 
tiatives to match technology rather than the 
other way around. "IT leaders need to lead 
business leaders in determining the business 
goals and objectives, developing an initiative 
for exploring possible business scenarios for 
leveraging emerging technologies, and deter- 
mining the effect on governance, skills, and 
portfolio management," says Burton. 

Whether that wholesale shift in IT focus 
will occur, especially in SMEs where busi- 
ness needs change quickly, is hard to pre- 
dict — almost as hard as predicting emerg- 
ing technologies. 



Emerging Technology 
Strategy Quick Tips 



Analyze business benefits first and then 
develop IT strategies. 

Develop a service-level commitment to 
new technology. 

Hone IT skills to be adaptive to emerging 
technology. 

Make business drivers the primary 
motivation to investigate technology. 
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What's Happening 



Monitoring Operational Activity 



Lancope Correlates Security 
& Network Intelligence 



by Julie Sartain 

Security attacks today are at an all- 
time high, often rendering traditional net- 
work security ineffective; the old programs 
can't always keep pace with the new, con- 
tinually evolving threats. 

Lancope (www.lancope.com) has a prod- 
uct to combat these intrusions and empow- 
er users to fight back. It focuses on expand- 
ing the capabilities of its StealthWatch 
NBA (Network Behavior Analysis) system 
to meet the security needs of enterprise 
organizations. As a pioneer in this technol- 
ogy, Lancope was the first to combine 
behavior-based anomaly detection and 
reporting of network operations. Currently, 
the StealthWatch System monitors and 
secures more than 30 million hosts across 
hundreds of global networks that span a 
wide range of industries. 

Problems & Solutions 

According to Jason Anderson, vice presi- 
dent of engineering at Lancope, the company 
reviewed how networks were managed and 
discovered that very few enterprises had visi- 
bility into the real activity on their networks. 
This meant problems could rapidly develop 
into serious issues before being detected and, 
once detected, required significant manual 
efforts to investigate and troubleshoot. 

Anderson adds that much of the informa- 
tion the administrators needed likely existed 
somewhere, but locating it was most of the 
battle, and finding that crucial information 
during a crisis was even more difficult. 
"Working with many disparate sources of 



information and then trying to bring all the 
pieces together to form the big picture is 
time-consuming and laborious," he says. 
"Moreover, this approach requires that the IT 
staff have tremendous amounts of knowledge 
about all the systems on their networks." 

The solution is pervasive monitoring of 
all activity on the network all the time, 
notes Anderson, so IT staff has the neces- 
sary information as soon as the need arises. 
But the solution may be beyond the reach of 
many organizations because the costs are 
too high and the benefits too small. 

"The best solution will provide day-to- 
day operational benefits while collecting 
the information necessary to detect and 
investigate problems," says Anderson. 
"With this approach, personnel are familiar 
with the application and have confidence in 
it when a crisis arises." 

Research & Development 

Lancope' s R&D concentrates on the use 
of flow data for security and network oper- 
ations applications. Over time, the focus 
shifted from raising alarms to providing a 
broad range of information about activity 
on the network so admins could identify the 
cause and scope of these problems more 
effectively. The engineers learned Lancope 
could monitor large networks with very lit- 
tle equipment, adds Anderson. 

From its inception in 2000, Lancope 's 
efforts were about detecting those problems 
that a traditional IDS approach would miss. 
At that time, the state-of-the-art IDS was 
signature-based and required knowledge of 
vulnerabilities in order to detect problems. 



"Here at Lancope," says Anderson, "we be- 
lieved that this would result in an arms race 
with the security companies constantly 
working to update their signature libraries 
with each new problem uncovered." 

The company's goal was to provide anoth- 
er method for detecting problems that would 
not require advanced knowledge of vulnera- 
bilities, Anderson notes. Lancope pioneered 
a behavioral-based approach that leverages 
the knowledge gained, over time, for how 
a host on the network 
normally acts. When 
any host starts behav- 
ing in a way that is 
significantly different 
from past behavior, 
Lancope' s technology detects that change 
and provides information about what was 
going on at that time. 

Lancope uses a flow-based approach to 
summarize activity. "To us, a flow is the 
record that two hosts have communicated 
and the statistics about that communication," 
says Anderson. "We developed algorithms 
to identify the client and server in each 
exchange and a number of characteristics of 
those communications that we deemed sig- 
nificant." This summary provides the most 
significant information for detection and 
investigation while minimizing the amount 
of data Lancope had to store. It balanced the 
cost of coverage with necessary details and 
allowed the capture of every conversation on 
the network for long periods of time. 

As the market evolved, the technology 
matured, and Lancope discovered that a snif- 
fer-based approach could not scale to the 
extent of coverage organizations demanded. 
Monitoring the activity in a large company 
would require hundreds of probes, and the 
acquisition, deployment, and maintenance of 



an installation that large were more than the 
perceived benefits could justify. So NetFlow 
and sFlow were deployed to provide the 
information needed for analysis and, with 
the special processing performed on those 
flow sources, many of the benefits of the 
sniffer-based product could be duplicated. 

"With NetFlow and sFlow, our cus- 
tomers' routers and switches became virtual 
probes and, with the advances in hardware 
from Cisco and Foundry, turning on that 
data export became 
efficient. With this 
additional information 
about [and from] the 
routers and switches, 
we discovered that it 
could add another dimension to the data," 
says Anderson. 

Although the initial focus was on hosts and 
flows, Lancope could link those to the net- 
work infrastructure itself, Anderson adds. 
Now, whether a problem is discovered with a 
host or a router, admins have an appropriate 
place to start looking and a link to the associ- 
ated pieces of the problem. Then Lancope 
added integration with identity stores, which 
tied the activity back to the actual user of the 
system involved with the problems. 

Future Plans 

Future enhancements include adding to 
and improving the significance of alarms, 
adding more network performance monitor- 
ing capabilities, adding new flow sources, 
and adding support for IPv6 networks, and 
further integration with network equipment 
for mitigation purposes, says Anderson. 

Anderson adds, "Lancope is also focused 
on the integration of our system into the larg- 
er network information infrastructure that 
many of our customers have deployed." 
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THREE QUESTIONS 



SonicWALL Meets 
Varied Security Demands 

Providing Protection Beyond 
The Internal Firewall Is Critical 

by Darrell Dunn 



With more than 15 years' experience providing IT security products to enterprises of all sizes, 
SonicWALL (www.sonicwall.com) has seen the rise of complexity in securely managing corporate 
assets and enabling business innovation. The company offers a wide range of network security, 
secure remote access, Web and email security, backup and recovery, and policy and management 
products to help businesses meet critical IT objectives without compromising network performance. 

"We believe we have a relentless pursuit of innovation that drives the cost and complexity out of 
high-performance, secure infrastructure, which frees businesses to be more productive," says Jon 
Kuhn, director of product management for SonicWALL. 

SonicWALL's family of network security appliances uses high-speed deep packet inspection and 
integrates automated and dynamic security capabilities for protection and performance. The com- 
pany also provides endpoint security protection against new virus, spyware, spam, and phishing 
threats; SSL-based VPNs for secure remote access; and email security for organizations of fewer 
than 25 to more than 100,000 users. 

"We sell any number of packages like inspection firewall," Kuhn says. "We have Web filtering that is 
used to look at the Web sites and, based on policy, manage site access. Our appliances control the 
backup and recovery of internal data on workstations and servers." 



■ What are the biggest IT-related 
issues facing today's small to midsized 
enterprise? 

"The biggest 'new' issue facing IT organ- 
izations is the growth in real-time demand 
and applications," Kuhn says. "And it has be- 
come increasingly difficult to tell where the 
network starts and stops for these administra- 
tors. There is a lot of confusion in how best to 
manage the security and efficiency of these 
real-time applications as they move outside 
the network." 

With the growth of Web 2.0 and SaaS apps, 
an increasing amount of network traffic is out- 
bound rather than in the form of the traditional 
flow of users accessing data and applications 
almost exclusively on internal servers, Kuhn 
notes. IT must ensure the security perimeter 
includes mobile and telecommuting workers, 
remote offices, and Web-based applications. 

"This change has bred the concept of the dis- 
appearing perimeter," Kuhn says. "Workers 
are no longer siloed into a single environment, 
and access to resources is coming from 
everywhere— a Starbucks, a hotel, an end 
user's home. This new type of worker is also 
routinely storing huge files local to their PCs." 

■ What should Processor readers 
know about your company's products? 

"We've taken a look at the top security is- 
sues facing business and have developed 



products that secure the network from four 
different perspectives," Kuhn says. 

The SonicWALL product portfolio protects 
the network from basic but increasingly 
complex Internet-based threats, such as 
denial of service attacks and application 
layer attacks. The products provide a se- 
cure perimeter and connections for remote 
users, provide security for the internal net- 
work, and protect business communica- 
tions, he notes. 

"The primary means of business communi- 
cations today is email, and we concentrate 
on guarding against threats coming over 
email," Kuhn says. "We also want to make 
sure that data that is sensitive to an orga- 
nization is not going to get passed outside 
the network and into someone's hands that 
should not be reviewing the data." 

■ What makes your company unique? 

"We look at secure networking from a very 
core level and have developed an engine 
called the reassembly-free deep packet in- 
spect engine," says Kuhn. "It combines mul- 
tiple security technologies, or filters, and 
looks at exploits and vulnerabilities and 
completes real-time application inspection 
by scanning traffic as files are being trans- 
ferred," he says. "End users today want their 
access to data to be dynamic rather than 
static, and a corporate IT security strategy 
must be, as well." 
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ASA COMPUTERS 

(Experts on Customized Servers) 

Hardware Systems for the Open Source Community-Since 1989 
(Linux, FreeBSD, NetBSD, OpenBSD, Solaris, MS, etc). 

ido, Santa Clara, CA 95054 Tel: 1-800-REAL-PCS Fax: (408) 654-2910 URL: www.asacomputers.com 



Product Features 



- Rack solid Quality rackmount system 
with excellent cooling. 

- Custom OS including Linux, Solaris 
*BSD, MS Windows, Suse, Debian, etc. 

- Hardware and software Raid storage. 

- High density cluster nodes. 

- SATA - SCSI - SAS - Fiber Raid. 

- iSCSI and NAS storage appliances. 

- High end custom workstations. 

- On-site warranty support for most 
of our products. 



1U Server -ASA1 401 1 

- 1TB Storage Installed. Max-4TB. 

- Dual-Core Intel(r) Xeon(r) Processor 5030 

- 1GB 667MHz FBDIMMs Installed. 

- Supports 16GB FBDIMM. 

- 4 Port SATA-II RAID Controller. 
-4x250GB hotswap SATA-II Drives Installed. 

- 2x10/100/1000 LAN onboard. 

2U Server-ASA2121I 

- 3TB Storage Installed. Max-12TB. 

- Dual-Core Intel(r) Xeon(r) Processor 5030, 

- 1GB 667MHz FBDIMMs Installed. 

- Supports 16GB FBDIMM. 

- 12x250GB hotswap SATA-II Drives Installed 
- 12 Port SATA-II RAID Controller. 

- 2x10/100/1000 LAN onboard / 500W Red PS 



3U Server-ASA3161I 

- 4TB Storage Installed. Max-16TB. 

- Dual-Core Intel(r) Xeon(r) Processor 5030, , 

- 1GB 667MHz FBDIMMs Installed. 

- Supports 16GB FBDIMM. 

- 16 Port SATA-II RAID Controller. 

- 16x250GB hotswap SATA-II Drives Installed. 

- 2x10/100/1000 LAN onboard./ 800W Red PS 

5U Server - ASA5241 1 

■ 6TB Storage Installed. Max-24TB. 

- Dual-Core Intel(r) Xeon(r) Processor 5030, 

- 1GB 667MHz FBDIMMs Installed. 

- Supports 16GB FBDIMM. 

- 24x250GB hotswap SATA-II Drives Installed 

- 24 Port SATA-II RAID. CARD/BBU (optional). 

- 2x10/100/1000 LAN onboard / 930W Red PS 





Custom OEM Solution 



Custom chassis design as per your 
needs for your appliances. 

Custom Faceplates for your appliances. 

Custom logo printing. 

Facilitating in getting various 
certifications like FCC/UL/CE, etc. 

Custom installation of your images. 

Drop ship on your behalf. 



Technical Expertise 



We have a highly qualified technical 
and engineering team consisting of 
Redhat, BSD, MCSE, CCNA, and 
CNE certified engineers. They are 
dedicated to address any question 
you may have with our hardware 
products. Our sales engineers are 
experts in providing you solutions 
that suit your needs while keeping 
your budget low.. 



8U Server - ASA8421 1 

- 10TB Storage Installed. Max-40TB. 

- Dual-Core Intel(r) Xeon(r) Processor 5030, 

- 1GB 667MHz FBDIMMs. 

- Supports 32GB FBDIMM. 

- 40x250GB hotswap SATA-II Drives Installed. 

- 2x12 Port SATA-II Multilane RAID Controller. 
-1x16 Port SATA-II Multilane RAID Controller. 
-2x10/100/1000 LAN onboard. 

- 1300W Red PS 



Please call us for futher customization, 
and quantity orders 





EVAL Servers Available on Request. 

Since 1989, ASA has served customers like Cisco, Juniper, Caltech, Fermilab and most 
Universities. We provide total custom server solution with OS of your choice. Excellent 
pre-sales and post-sales support. Reliable hardware at most competitive prices. Please 
call or contact us for your next hardware purchase. 
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